Please check my log

Posted: 05 May 2021 20:55
by bonapart
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-04-2021
Ran by aaa (administrator) on DESKTOP-1JNUR2R (ATComputers COMFOR DIABLO I65) (05-05-2021 21:14:19)
Running from C:\Users\aaa\Desktop
Loaded Profiles: defaultuser0 & aaa
Platform: Windows 10 Pro Version 20H2 19042.928 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AVSolution\mcshield.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\macmnsvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\masvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\macompatsvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\mctray.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\mfemactl.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\mfewc.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\mfewch.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\Endpoint Security\Endpoint Security Platform\mfeesp.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\Endpoint Security\Firewall\mfefw.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\Endpoint Security\Threat Prevention\mfeensppl.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\Endpoint Security\Threat Prevention\mfetp.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\aaa\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.963_none_e7400f2b262ca554\TiWorker.exe
(OORT inc. -> oh!soft) C:\Program Files (x86)\oCam\oCamTask.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exe
(Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vicamon.exe
(Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vmonproc.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [IMMON] => C:\Program Files (x86)\IM Magician\Vicamon.exe [143360 2010-09-28] (Vimisoft Studio) [File not signed]
HKLM-x32\...\Run: [IMMONSUPPORT] => "C:\Program Files (x86)\IM Magician\vmonproc.exe" /cls=IMMAGICIAN_CAMERA_MONITOR_I /exe=Vicamon.exe
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [52553728 2020-07-10] (Hammer & Chisel Inc. -> Hammer & Chisel, Inc.)
HKLM-x32\...\Run: [McAfeeUpdaterUI] => C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe [654112 2019-07-11] (McAfee, Inc. -> McAfee LLC.)
HKLM-x32\...\Run: [EpicPen] => C:\Program Files (x86)\Epic Pen\EpicPen.exe [779152 2020-02-20] (Tank Studios LTD -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-08-03] (Nero AG -> Nero AG)
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\Run: [Discord] => C:\Users\aaa\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32726088 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [912480 2015-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\XRXS1PC: C:\Windows\System32\spool\prtprocs\x64\xrxs1pc.dll [33792 2007-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\...\Print\Monitors\PJL Language Monitor: C:\WINDOWS\system32\PJLMON.DLL [24064 2021-04-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\XRXS1 Langmon: C:\WINDOWS\system32\xrxs1l6.dll [22016 2007-03-23] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.93\Installer\chrmstp.exe [2021-04-27] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2504594E-DEC7-4257-BB7A-E5A3D2BCBB9A} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel(R) System Usage Report -> Intel Corporation)
Task: {476FD06C-9440-43D5-B420-27FEDC5AE2F1} - System32\Tasks\G2MUploadTask-S-1-5-21-2905597249-1629462600-326273939-1001 => C:\Users\aaa\AppData\Local\GoToMeeting\19598\g2mupload.exe [31320 2021-04-04] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {71C37E72-5579-4A38-A6E8-566DD5108E9C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27168840 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7257B0EB-FF5C-4072-8F68-9AD114EF6407} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {81795AC2-BBFA-40A9-B4C2-C1A162AC9B67} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-30] (Google Inc -> Google LLC)
Task: {86CEED45-B85C-46AE-9FE1-A62CB3214947} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {889AA1FF-880D-4D3B-AF59-A8BDD327FD9D} - System32\Tasks\G2MUpdateTask-S-1-5-21-2905597249-1629462600-326273939-1001 => C:\Users\aaa\AppData\Local\GoToMeeting\19598\g2mupdate.exe [31320 2021-04-04] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {8CC33937-8F53-4729-81C3-ABAFC08B1D3D} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\Engine\scanners\x86_64\datrep\1.0.12.663\mcdatrep.exe [1889696 2021-01-06] (McAfee, Inc. -> McAfee, LLC.)
Task: {9EF66458-5B74-4E85-A5D2-24D4E8F1C6E5} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {BD5D8378-F11C-4D37-A816-E2F1D77F855F} - System32\Tasks\oCamTask => C:\Program Files (x86)\oCam\oCamTask.exe [148816 2019-09-06] (OORT inc. -> oh!soft)
Task: {C39432B3-5517-49C8-8ACD-F0173769553F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-30] (Google Inc -> Google LLC)
Task: {DB4CBE4B-5881-49C0-9E39-BB296E2059F9} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel(R) System Usage Report -> Intel Corporation)
Task: {DFC4141C-1D5B-4C24-B902-9C7F22207E4C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-05] (Piriform Software Ltd -> Piriform)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{14b0b5df-90a9-4ebf-9aed-aaa7b8c0f122}: [DhcpNameServer] 10.0.0.138

Edge:
=======
DownloadDir: C:\Users\aaa\Desktop
Edge HomeButtonPage: HKU\S-1-5-21-2905597249-1629462600-326273939-1001 -> hxxp://www.seznam.cz/
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\aaa\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-05]
Edge DownloadDir: C:\Users\aaa\Desktop
Edge HomePage: Default -> hxxp://www.seznam.cz/
Edge StartupUrls: Default -> "hxxps://google.com/"
Edge Session Restore: Default -> is enabled.

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-11-13] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM\...\Firefox\Extensions: [{cb40da56-497a-4add-955d-3377cae4c33b}] - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\e10swcffplg.xpi
FF Extension: (McAfee Endpoint Security Web Control) - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\e10swcffplg.xpi [2019-10-15]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{cb40da56-497a-4add-955d-3377cae4c33b}] - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\e10swcffplg.xpi
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-04-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-04-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default [2021-05-05]
CHR DownloadDir: C:\Users\aaa\Desktop
CHR Notifications: Default -> hxxps://app.cryptokingdom.tech
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-07-30]
CHR Extension: (Dokumenty) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-07-30]
CHR Extension: (Disk Google) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-08-30]
CHR Extension: (YouTube) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-07-30]
CHR Extension: (Tabulky) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-07-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-21]
CHR Extension: (Read Aloud: A Text to Speech Voice Reader) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhinadidafjejdhmfkjgnolgimiaplp [2021-04-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-16]
CHR Profile: C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-05-08]
CHR Profile: C:\Users\aaa\AppData\Local\Google\Chrome\User Data\System Profile [2020-05-08]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [jjkchpdmjjdmalgembblgafllbpcjlei] - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\mcchplg.crx [2019-10-15]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 macmnsvc; C:\Program Files\McAfee\Agent\macmnsvc.exe [241456 2019-07-11] (McAfee, Inc. -> McAfee LLC.)
R2 masvc; C:\Program Files\McAfee\Agent\masvc.exe [179552 2019-07-11] (McAfee, Inc. -> McAfee LLC.)
S2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [956760 2020-11-13] () [File not signed]
R3 McAfeeFramework; C:\Program Files\McAfee\Agent\x86\macompatsvc.exe [261640 2019-07-11] (McAfee, Inc. -> McAfee LLC.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R2 mfewc; C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\mfewc.exe [319792 2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-03] (Nero AG -> Nero AG)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5361256 2021-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-03-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-03-11] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ggsomc; C:\WINDOWS\System32\drivers\ggsomc.sys [30424 2017-06-05] (Sony Mobile Communications AB -> Sony Mobile Communications)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [521648 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [379824 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R0 mfedisk; C:\WINDOWS\System32\DRIVERS\mfedisk.sys [107440 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85928 2020-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfeepmpk; C:\WINDOWS\System32\drivers\mfeepmpk.sys [226432 2020-10-14] (McAfee, Inc. -> McAfee, LLC.)
S3 MfeEpNfcp; C:\WINDOWS\System32\drivers\MfeEpNfcp.sys [79440 2021-04-06] (McAfee, Inc. -> McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [517040 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R3 mfehck; C:\WINDOWS\System32\drivers\mfehck.sys [89520 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [993712 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [563640 2020-10-14] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [107448 2020-10-14] (McAfee, Inc. -> McAfee LLC.)
R1 mfenlfk; C:\WINDOWS\system32\DRIVERS\mfenlfk.sys [82352 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116656 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252336 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [36600 2014-04-18] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49544 2021-03-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [420088 2021-03-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-11] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-05 20:57 - 2021-05-05 21:15 - 000021852 _____ C:\Users\aaa\Desktop\FRST.txt
2021-05-05 20:56 - 2021-05-05 21:12 - 000000000 ____D C:\FRST
2021-05-05 20:44 - 2021-05-05 20:45 - 002298368 _____ (Farbar) C:\Users\aaa\Desktop\FRST64.exe
2021-05-05 19:49 - 2021-05-05 21:17 - 1577254472 _____ C:\Users\aaa\Desktop\McMafie 8z8 (mafiánský seriál McMafia GB-USA 2018, audio CZ+EN, tit. CZ, 1080p) JackRIPper.ts.8806325895796533264.part
2021-05-05 18:39 - 2021-05-05 18:40 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000003-000000.txt
2021-05-05 16:42 - 2021-05-05 21:14 - 000000000 ____D C:\Users\aaa\Desktop\mt4 a
2021-05-05 16:16 - 2021-05-05 19:16 - 000000390 _____ C:\Users\aaa\Desktop\tdPanel1.csv
2021-05-05 16:16 - 2021-05-05 16:44 - 000000484 _____ C:\Users\aaa\Desktop\tdPanel.csv
2021-05-03 08:37 - 2021-05-04 16:37 - 000000000 ____D C:\Users\aaa\Desktop\MOJE OBCHODY
2021-05-03 08:37 - 2021-05-04 09:14 - 000000000 ____D C:\Users\aaa\Desktop\Standa škola
2021-04-30 19:35 - 2021-05-02 17:57 - 000016490 _____ C:\Users\aaa\Desktop\divergence.xlsx
2021-04-30 19:03 - 2020-12-29 18:04 - 000054272 _____ C:\Users\aaa\Desktop\DENÍK Purple.xls
2021-04-30 18:47 - 2020-10-11 17:37 - 000013004 _____ C:\Users\aaa\Desktop\obchodni-denik-sablona.xlsx
2021-04-30 18:47 - 2020-09-13 11:05 - 000040960 _____ C:\Users\aaa\Desktop\tabulka obchodni denik - sablona.xls
2021-04-30 18:39 - 2021-04-30 18:39 - 000000000 _____ C:\Users\aaa\Desktop\DENIK NA HODANA A poslat adamovi.txt
2021-04-29 12:12 - 2021-04-29 12:12 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000002-000000.txt
2021-04-20 21:17 - 2021-04-20 21:17 - 000001458 _____ C:\Users\aaa\Desktop\Korelace Ondry – zástupce.lnk
2021-04-17 16:21 - 2021-04-17 16:21 - 000000892 _____ C:\Users\aaa\Desktop\MT 4 A ZÁLOHA – zástupce.lnk
2021-04-17 16:19 - 2021-04-17 16:19 - 000002042 _____ C:\Users\aaa\Desktop\AE91483A2C1AB18F5CE478007E23752E – zástupce.lnk
2021-04-17 16:07 - 2021-04-17 16:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Purple Trading MT4 A
2021-04-17 16:07 - 2021-04-17 16:07 - 000000000 ____D C:\Program Files (x86)\Purple Trading MT4 A
2021-04-14 07:37 - 2021-04-14 07:37 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000001-000000.txt
2021-04-13 22:36 - 2021-04-13 22:36 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-13 22:34 - 2021-04-13 22:34 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-13 22:34 - 2021-04-13 22:34 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-13 21:07 - 2021-04-13 21:07 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000000-000000.txt
2021-04-13 20:49 - 2021-04-13 20:49 - 000000000 ____D C:\WINDOWS\PCHEALTH

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-05 21:06 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-05 20:15 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-05 20:14 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-05 19:49 - 2020-11-22 19:33 - 000000000 ____D C:\Users\aaa\AppData\Roaming\EpicPen
2021-05-05 18:45 - 2017-10-01 17:18 - 000000000 ____D C:\Program Files\CCleaner
2021-05-05 18:45 - 2016-12-02 22:53 - 000000000 ___RD C:\Users\aaa\OneDrive
2021-05-05 18:42 - 2020-10-15 23:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-05 18:42 - 2020-10-15 22:54 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-05 18:41 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-05 16:20 - 2020-10-15 23:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-05-05 12:46 - 2020-10-15 22:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-05 11:23 - 2018-02-06 15:10 - 000000000 ____D C:\Users\aaa\AppData\Roaming\Telegram Desktop
2021-05-04 09:36 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-04 09:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-02 17:41 - 2020-05-08 16:07 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-30 18:55 - 2018-11-25 23:40 - 000000000 ___HD C:\Users\aaa\Desktop\ACRCallsBackup
2021-04-30 09:47 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-04-29 09:43 - 2020-10-15 23:45 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2905597249-1629462600-326273939-1001
2021-04-29 09:42 - 2020-10-15 22:59 - 000002400 _____ C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-27 16:27 - 2017-09-12 18:44 - 000000000 ____D C:\Users\aaa\AppData\Roaming\vlc
2021-04-27 14:57 - 2019-07-30 23:28 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-26 09:42 - 2020-10-16 00:21 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6a337560a0dc6
2021-04-26 09:42 - 2020-10-15 23:45 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-24 17:43 - 2020-10-15 23:12 - 001693204 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-24 17:43 - 2019-12-07 16:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2021-04-24 17:43 - 2019-12-07 16:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2021-04-23 14:16 - 2017-08-02 13:16 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-04-21 21:11 - 2020-08-23 15:52 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-21 14:50 - 2020-10-15 23:45 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-21 14:50 - 2020-10-15 23:45 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-21 12:11 - 2018-03-25 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-04-21 12:11 - 2018-03-25 12:44 - 000000000 ____D C:\Program Files (x86)\Java
2021-04-21 12:09 - 2018-03-25 12:45 - 000164640 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2021-04-17 16:25 - 2017-08-11 21:45 - 000000000 ___RD C:\Users\aaa\Desktop\NÁSTROJE
2021-04-17 16:04 - 2019-04-28 18:38 - 000000000 ____D C:\Users\aaa\AppData\Roaming\MetaQuotes
2021-04-13 22:51 - 2020-10-15 22:54 - 000442920 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-13 22:46 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-04-13 22:46 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-13 22:46 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-13 22:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-13 22:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-13 22:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-13 22:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-13 22:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-13 22:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-13 22:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-13 22:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-13 22:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-13 22:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-13 22:33 - 2020-10-15 23:00 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-13 21:10 - 2020-03-16 18:03 - 000000654 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2905597249-1629462600-326273939-1001.job
2021-04-13 21:10 - 2020-03-16 18:03 - 000000558 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2905597249-1629462600-326273939-1001.job
2021-04-13 20:54 - 2016-12-03 00:25 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-13 20:54 - 2016-12-03 00:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-13 20:49 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-04-12 09:56 - 2020-10-23 19:29 - 000000000 ____D C:\Program Files\Admiral Markets MT5
2021-04-06 03:12 - 2020-10-14 18:31 - 000079440 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\MfeEpNfcp.sys

==================== Files in the root of some directories ========

2019-05-28 11:03 - 2019-06-23 19:51 - 000004608 _____ () C:\Users\aaa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-09-13 21:20 - 2017-09-13 21:20 - 000000017 _____ () C:\Users\aaa\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-04-2021
Ran by aaa (05-05-2021 21:18:07)
Running from C:\Users\aaa\Desktop
Windows 10 Pro Version 20H2 19042.928 (X64) (2020-10-15 21:47:23)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

aaa (S-1-5-21-2905597249-1629462600-326273939-1001 - Administrator - Enabled) => C:\Users\aaa
Administrator (S-1-5-21-2905597249-1629462600-326273939-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2905597249-1629462600-326273939-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2905597249-1629462600-326273939-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2905597249-1629462600-326273939-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2905597249-1629462600-326273939-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Endpoint Security (Enabled - Up to date) {A37DD4B2-BDFF-70DA-DE19-9F9927D6940F}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Endpoint Security (Enabled) {9B465597-F790-7182-F546-36ACD905D374}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 4.11 (HKLM-x32\...\{26CB5429-1141-40FC-A7AA-F13AC1458D10}) (Version: 4.11.3.3420 - Open Media LLC)
Admiral Markets MT5 (HKLM\...\Admiral Markets MT5) (Version: 5.00 - MetaQuotes Software Corp.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20150 - Adobe Systems Incorporated)
Adobe Flash Player 9 ActiveX (HKLM-x32\...\{8E9DB7EF-5DD3-499E-BA2A-A1F3153A4DF8}) (Version: 9.0.115.0 - Adobe Systems, Inc.)
ANTSvc version 1.0.0.0 (HKLM-x32\...\ANTSvc_is1) (Version: 1.0.0.0 - ANTSvc)
CanoScan Toolbox Ver4.9 (HKLM-x32\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
Components Setup (HKLM-x32\...\{31187E06-E131-4709-9285-7D105D77AA89}) (Version: 1.00.0000 - Vimicro Corporation)
Discord (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Easy CD-DA Extractor 16 (HKLM-x32\...\Easy CD-DA Extractor 16) (Version: 16.0.9 - Poikosoft)
Epic Pen (HKLM-x32\...\Epic Pen_is1) (Version: v3.9.29.0 - TANK Studios LTD)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.93 - Google LLC)
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.16.0.19598 (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\GoToMeeting) (Version: 10.16.0.19598 - LogMeIn, Inc.)
IM Magician (HKLM-x32\...\{A5742726-2180-4253-83A7-53558486A7A2}) (Version: 1.00.0001 - Vimisoft Studio)
Intel(R) Computing Improvement Program (HKLM\...\{848F0123-CF5D-4192-90EC-A6574D8B1796}) (Version: 2.4.06522 - Intel Corporation)
IrfanView 4.52 (64-bit) (HKLM\...\IrfanView64) (Version: 4.52 - Irfan Skiljan)
Java 8 Update 291 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
McAfee Agent (HKLM\...\{F01CC7C9-9545-494A-9A8E-F52037F8BE8E}) (Version: 5.6.1.308 - McAfee, Inc.) Hidden
McAfee Agent (HKLM-x32\...\McAfeeAgent) (Version: 5.6.1.308 - McAfee, Inc.)
McAfee Data Exchange Layer for MA (HKLM\...\{FEE8AD9B-C4D7-4F07-89AC-88C28E2B8809}) (Version: 5.0.10249.0 - McAfee LLC) Hidden
McAfee Data Exchange Layer for MA (HKLM-x32\...\{a3f1e826-e1b0-460f-8113-6624beacab1b}) (Version: 5.0.1.249 - McAfee LLC) Hidden
McAfee Endpoint Security Adaptive Threat Protection (HKLM\...\{377DA1C7-79DE-4102-8DB7-5C2296A3E960}) (Version: 10.7.0 - McAfee, LLC.)
McAfee Endpoint Security Firewall (HKLM\...\{6F88C6E9-CAD0-4D03-99E1-161383F9AD6F}) (Version: 10.7.0 - McAfee, LLC.)
McAfee Endpoint Security Platform (HKLM\...\{B16DE18D-4D5D-45F8-92BD-8DC17225AFD8}) (Version: 10.7.0 - McAfee, LLC.)
McAfee Endpoint Security Threat Prevention (HKLM\...\{820D7600-089E-486B-860F-279B8119A893}) (Version: 10.7.0 - McAfee, LLC.)
McAfee Endpoint Security Web Control (HKLM\...\{5974413A-8D95-4D64-B9EE-40DF28186445}) (Version: 10.7.0 - McAfee, LLC.)
MediaInfo 18.05 (HKLM\...\MediaInfo) (Version: 18.05 - MediaArea.net)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.51 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\OneDriveSetup.exe) (Version: 21.062.0328.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Nero 8 (HKLM-x32\...\{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1029}) (Version: 8.0.182 - Nero AG)
NQuotes (HKLM-x32\...\NQuotes) (Version: 1.13 - Brainroom Ltd.)
oCam 버전 515.0 (HKLM-x32\...\oCam_is1) (Version: 515.0 - hxxp://ohsoft.net/)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Purple Trading MT4 (HKLM-x32\...\Purple Trading MT4 A) (Version: 4.00 - MetaQuotes Ltd.)
Purple Trading MT4 (HKLM-x32\...\Purple Trading MT4) (Version: 4.00 - MetaQuotes Software Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Slovník Verdict Free (a internetový překladač) (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\Verdict Free) (Version: - )
Sonic Foundry Sound Forge 6.0a (HKLM-x32\...\{6CDC68BB-C997-4ADC-9BA0-6293FB88521E}) (Version: 6.0.150 - Sonic Foundry)
Telegram Desktop version 2.7.4 (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.7.4 - Telegram FZ-LLC)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{C4BE7550-ECE1-417D-A787-01266DC1F5A6}) (Version: 1.22.0.0 - Microsoft Corporation) Hidden
Video Viewer (HKLM-x32\...\Video Viewer) (Version: 0.1.9.7 - AVTECH Corporation, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VSO Downloader 5.1.1.69 (HKLM-x32\...\{3C5CD638-CAD0-4F6C-81FD-B37D47B411F7}_is1) (Version: 5.1.1.69 - VSO Software)
VSO Image Resizer 1.3.4d (HKLM-x32\...\VSO Image Resizer_is1) (Version: 1.3.4d - VSO-Software)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.157 - McAfee, LLC)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{F92064F6-BDE8-46FC-A19F-4E12D311BE3A}) (Version: 1.0.30 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.0.1.1219 - Xilisoft)
YTD (pepak) (HKLM-x32\...\YTD_Pepak) (Version: - )
Zoom (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\ZoomUMX) (Version: 5.2.2 (45108.0831) - Zoom Video Communications, Inc.)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-01] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
McAfee Endpoint Security Web Control -> C:\Program Files\WindowsApps\5A894077.McAfeeEndpointSecurityWebControl_10.7.3.0_x86__wafk5atnkzcwy [2020-10-14] (McAfee Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.4213.0_x64__8wekyb3d8bbwe [2021-04-30] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.22101.0_x64__8wekyb3d8bbwe [2021-04-24] (Microsoft Studios)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-18] (Netflix, Inc.)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-26] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2905597249-1629462600-326273939-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2905597249-1629462600-326273939-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\aaa\AppData\Local\GoToMeeting\19228\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2007-08-04] (Nero AG -> Nero AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2012-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ImageResizer] -> {C6193976-9333-4E73-96BA-7B21CA942187} => C:\Program Files (x86)\VSO\Image Resizer\RSZShell64.dll [2007-01-24] (VSO Software SARL) [File not signed]
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.MPG4] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.MP42] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-10-22 15:18 - 2014-05-18 21:32 - 000441220 _____ (Java(TM) Native Access (JNA)) [File not signed] C:\Users\aaa\Desktop\NÁSTROJE\FreeRapid-0.9u4\FreeRapid-0.9u4\lib\jnidispatch32.dll
2020-12-15 14:37 - 2020-12-15 14:37 - 001950208 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2018-01-22 20:50 - 2010-09-26 21:31 - 000073728 ____R (Vimicro Corporation) [File not signed] C:\Program Files (x86)\Common Files\Vimisoft Studio\exvmuvc.ax
2018-01-22 20:50 - 2010-09-28 13:04 - 000081920 _____ (Vimicro Corporation) [File not signed] C:\Program Files (x86)\Common Files\Vimisoft Studio\VmicCommonIR.dll
2018-01-22 20:50 - 2010-06-21 16:56 - 000077824 _____ (VimiSoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\FlydCamCtrl.dll
2018-01-22 20:50 - 2010-09-28 14:43 - 000147456 _____ (Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\Plugins\immirrc.dll
2018-01-22 20:50 - 2010-06-21 16:56 - 000073728 _____ (VimiSoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\TiaDecFac.dll
2018-01-22 20:51 - 2010-06-10 16:10 - 000081920 _____ (VimiSoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vflydblapl.ax
2018-01-22 20:51 - 2010-05-18 18:23 - 000196608 _____ (Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vflydcam.ax
2019-08-15 18:52 - 2007-01-24 10:38 - 000130048 _____ (VSO Software SARL) [File not signed] C:\Program Files (x86)\VSO\Image Resizer\RSZShell64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee Endpoint Security Web Control (Browser Help Object) -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\x64\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\ssv.dll [2021-04-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee Endpoint Security Web Control (Browser Help Object) -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-04-21] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - McAfee Endpoint Security Web Control (Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\x64\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Toolbar: HKLM-x32 - McAfee Endpoint Security Web Control (Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\x64\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\x64\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2020-01-23 10:01 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2905597249-1629462600-326273939-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "IMMON"
HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "EpicPen"
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\StartupApproved\StartupFolder: => "Telegram.lnk"
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{38F8858B-DD30-4CED-B6A4-9D8A849DE640}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{04101C78-00BA-4BA5-94A8-B4B3C1FC16B3}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{E81ACD9B-9F79-4CA0-82CC-9F976E297C45}] => (Allow) C:\Users\aaa\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{178C6B30-3CBF-4ECE-9060-ECFE1173B7A0}] => (Allow) C:\Users\aaa\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{608C9E9E-AE0C-4A8A-B759-EB9423A21412}] => (Allow) C:\Users\aaa\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{1235A4DE-BEA2-402F-882B-6195C22AE353}C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe] => (Allow) C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe (VSO SOFTWARE -> VSO Software)
FirewallRules: [TCP Query User{FE2B040D-2F2D-4443-B2C0-5587EAB714FF}C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe] => (Allow) C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe (VSO SOFTWARE -> VSO Software)
FirewallRules: [UDP Query User{2BB6BFBA-EA99-4A80-B02C-5150A0A5B261}C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe => No File
FirewallRules: [TCP Query User{CEC3BE18-E637-450B-B5DE-10467C29D7BD}C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe => No File
FirewallRules: [UDP Query User{2FAA2F69-7BA2-4BBB-93D4-E3D9FA529C57}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [TCP Query User{FF9A6185-44A3-4AAF-B848-28DA8331245E}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [UDP Query User{624D843E-3005-4174-A38C-232C59DAE6D1}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [TCP Query User{876C1C26-4B4F-4F6F-8F6C-D29CE0751ED2}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [UDP Query User{595DF0CA-5356-40B0-9D41-C79748FE4D29}C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe] => (Block) C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe (VSO SOFTWARE -> VSO Software)
FirewallRules: [TCP Query User{669FD538-0D37-4D05-A9AF-34F0AF9590EE}C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe] => (Block) C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe (VSO SOFTWARE -> VSO Software)
FirewallRules: [UDP Query User{9DED04E5-CBBB-4BE1-92A6-1936398BF5B9}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [TCP Query User{EF6C2B77-156B-48E3-AA55-7B39F06DDBE7}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [UDP Query User{07BE12DB-7DB6-4E76-9076-8713C59F0439}C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe => No File
FirewallRules: [TCP Query User{E032C053-8342-4D02-A5FF-EA1BF4094C92}C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe => No File
FirewallRules: [UDP Query User{05388E02-D273-4010-9FEC-47A76A9BFCCF}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [TCP Query User{51DD86A4-7A3B-4D5B-9A1C-AFB229613AF8}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [{8473AAD1-96D9-4CDB-8F8F-BB181A3D29D5}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{917A3821-484C-4B61-8498-B89208B30163}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{43CC3079-FC02-4D11-8496-A0FA0795E7A4}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{26C8ABBB-C5E4-4EE4-B2DA-5879EA24EA5D}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [UDP Query User{BB0DB695-0B30-443D-B291-451D981C30AA}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe => No File
FirewallRules: [TCP Query User{81A37EFA-7493-4F1C-93FC-92A56DCF6789}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe => No File
FirewallRules: [{BF260DAD-8FD3-43DB-B554-170AAA390C3A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{41B55316-CCE3-4118-B69F-E04AC94C3D3B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [UDP Query User{B28E1106-7C65-4998-973D-6B42C576F506}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe => No File
FirewallRules: [TCP Query User{FDE4B27C-D078-4CB2-8F86-20447217832D}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe => No File
FirewallRules: [UDP Query User{BD0A65AF-223E-49BC-9E97-A873F55DE117}C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe => No File
FirewallRules: [TCP Query User{807389EF-F73E-498A-8F33-68B9224FB859}C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe => No File
FirewallRules: [UDP Query User{0697B737-5D05-4738-ADFA-2E77ECE3178D}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe => No File
FirewallRules: [TCP Query User{B0743B75-93A8-44EA-A969-92311DDD56CD}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe => No File
FirewallRules: [UDP Query User{FD769A59-594E-41CE-95FA-D0C6B69CC3D3}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe => No File
FirewallRules: [TCP Query User{8BF7EB87-E13D-4FE8-8301-564719B0E349}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe => No File
FirewallRules: [UDP Query User{6444DB01-25D1-45AD-9905-8D634C3A9362}C:\program files (x86)\videoviewer\videoviewer.exe] => (Block) C:\program files (x86)\videoviewer\videoviewer.exe => No File
FirewallRules: [TCP Query User{0390A106-3AF7-4363-A748-3F4455E14EF7}C:\program files (x86)\videoviewer\videoviewer.exe] => (Block) C:\program files (x86)\videoviewer\videoviewer.exe => No File
FirewallRules: [{68EF71F6-AF14-41F2-B131-F7B442CBE9E8}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\macmnsvc.exe => No File
FirewallRules: [{C9DC3E7B-2870-4617-AB22-AB93F6314765}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\macmnsvc.exe => No File
FirewallRules: [{142A2E18-D95F-4C53-AA9D-2CB997F46C1E}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\macmnsvc.exe => No File
FirewallRules: [{8155F672-63A1-49F9-896E-9511CA903A65}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\macmnsvc.exe => No File
FirewallRules: [{99D1E8FB-AAD8-40F0-8EF9-6EE8BD5CA390}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe => No File
FirewallRules: [{1D6A71AF-1ADE-46D9-A1F6-FA5F8BF89B33}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe => No File
FirewallRules: [{29DBEAF4-1771-4F6C-9FD8-77F5F381E08F}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe => No File
FirewallRules: [{0E8A3579-2D1D-4BB9-BA79-BCBB4B828C2B}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe => No File
FirewallRules: [{28C31ACC-F509-44A6-AC1F-D9B690F335E6}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe => No File
FirewallRules: [{AFC98497-7732-4BEC-BB8E-B08871DBCA2C}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe => No File
FirewallRules: [TCP Query User{BB9736D6-BA41-4001-BBDB-81FF6FA7A576}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{FB12E5DD-F9AA-4DE2-93FA-8C265F94DDF3}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{79C32572-946E-48CF-90CA-B64E7CB95191}C:\program files (x86)\videoviewer\videoviewer.exe] => (Allow) C:\program files (x86)\videoviewer\videoviewer.exe => No File
FirewallRules: [UDP Query User{523EC6D2-0E8A-4FB8-A508-A795F55E382E}C:\program files (x86)\videoviewer\videoviewer.exe] => (Allow) C:\program files (x86)\videoviewer\videoviewer.exe => No File
FirewallRules: [{4F05A4CF-5509-4268-AFB5-EB40A5D085B5}] => (Allow) C:\Program Files\Admiral Markets MT5\metatester64.exe (MetaQuotes Ltd. -> MetaQuotes Ltd.)
FirewallRules: [{A3518309-723E-4FB4-BC64-103B9708AA00}] => (Allow) C:\Users\aaa\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C3E3B695-92AC-4FD9-964C-CCA5051F02CF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FEC2B40D-EB55-41D3-85C1-3AE600561D45}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F7F912BC-FB5B-45C8-A67D-3DF4671B80E9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C6847437-B74D-4F00-B801-3F5F89FE1E54}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C07B6C3C-A546-496B-8406-3A40DD561660}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{34F7FAC2-711E-451F-AB7A-7C9A074D9A56}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{B72E368E-EB1A-4A2E-AA28-9CA706034BAE}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{BE4D5273-D152-48A8-8286-0A3D43960B42}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{0032E7BD-3242-45F2-80AA-AD3C3F2B45E5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

27-04-2021 17:16:32 Naplánovaný kontrolní bod
05-05-2021 18:25:09 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/05/2021 07:23:49 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\NEXTINSTANCE, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (05/05/2021 07:23:49 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\NEXTINSTANCE, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (05/05/2021 07:23:48 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\COUNT, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (05/05/2021 07:23:47 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\COUNT, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (05/05/2021 07:23:47 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\1, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (05/05/2021 07:23:46 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\1, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (05/05/2021 07:23:45 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (05/05/2021 06:47:27 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-1JNUR2R)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.


System errors:
=============
Error: (05/05/2021 06:42:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee WebAdvisor neuspěla při spuštění v důsledku následující chyby:
Soubor nebo adresář je porušen a není čitelný.

Error: (05/05/2021 06:41:01 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby mfevtp bylo dosaženo časového limitu (30000 ms).

Error: (05/05/2021 06:40:31 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby SystemUsageReportSvc_QUEENCREEK bylo dosaženo časového limitu (30000 ms).

Error: (05/05/2021 06:40:31 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby mfemms bylo dosaženo časového limitu (30000 ms).

Error: (05/05/2021 06:40:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba User Energy Server Service queencreek byla ukončena s následující chybou:
Ovladač %2 vrátil neplatné číslo ID pro podřízené zařízení (%3).

Error: (05/05/2021 06:39:55 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Windows Update se po přijetí pokynu pro vypnutí neukončila správně.

Error: (05/05/2021 06:39:39 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Energy Server Service queencreek se po přijetí pokynu pro vypnutí neukončila správně.

Error: (05/05/2021 06:39:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8007045b): 2021-04 Kumulativní aktualizace (Preview) pro Windows 10 Version 20H2 pro systémy založené na platformě x64 (KB5001391).


Windows Defender:
================
Date: 2021-03-11 17:13:53
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {892DF1EA-BBD6-461B-A2D3-28C1360D2023}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-11 15:05:57
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {850DB06C-C932-46F1-B2D0-B4CFE78F6B15}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-11 14:25:23
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A77881F2-3E65-40E1-A6DB-DF80043B2CCC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-11 11:41:20
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {216C81BB-E3D4-4D05-832D-241E3090D571}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-11 10:55:15
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8983F09E-E80D-4D52-A7F3-EE3EC51AB444}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-13 21:29:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.333.160.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17900.7
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2020-11-13 17:03:04
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.325.1331.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17500.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2020-11-13 17:03:04
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.325.1331.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17500.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2020-11-13 17:03:04
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.325.1331.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17500.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2020-11-13 16:49:36
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.325.1331.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17500.4
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

CodeIntegrity:
===============
Date: 2021-05-05 18:47:03
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\Endpoint Security\Threat Prevention\MfeAmsiProvider.dll that did not meet the Microsoft signing level requirements.

Date: 2021-05-05 18:46:05
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\Endpoint Security\Threat Prevention\MfeAmsiProvider.dll that did not meet the Windows signing level requirements.

Date: 2021-05-05 18:46:03
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\McAfee\Endpoint Security\Threat Prevention\amcfg.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: Award Software International, Inc. F4 02/06/2012
Motherboard: Gigabyte Technology Co., Ltd. H55M-D2H
Processor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz
Percentage of memory in use: 80%
Total physical RAM: 3767.49 MB
Available physical RAM: 724.99 MB
Total Virtual: 7479.49 MB
Available Virtual: 2896.54 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.51 GB) (Free:402.51 GB) NTFS
Drive d: () (Fixed) (Total:931.41 GB) (Free:381.1 GB) NTFS
Drive e: (KINGSTON) (Removable) (Total:29.29 GB) (Free:9 GB) FAT32
Drive g: () (Removable) (Total:14.42 GB) (Free:3.45 GB) FAT32

\\?\Volume{f2781714-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{f2781714-0000-0000-0000-40c0e8000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 00084F14)
Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F2781714)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=519 MB) - (Type=27)

==========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 29.3 GB) (Disk ID: 71D9E4B3)
Partition 1: (Active) - (Size=29.3 GB) - (Type=0C)

==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 14.4 GB) (Disk ID: E46D6294)
Partition 1: (Active) - (Size=14.4 GB) - (Type=0C)

==================== End of Addition.txt =======================

Re: please check my log

Posted: 06 May 2021 06:15
by Diallix
Good day.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as Administrator.
Continue by clicking the Scan now button (Prehladaj teraz) and wait until the system scan finishes.
After the scan, leave all checkboxes and any detected threats selected, and continue with the Clean and Repair button (Vycistit Teraz) in the lower right corner.
After the PC restarts, AdwCleaner will start; click Zobrazit soubor protokolu (View log file).
The log will open; copy its contents here.

Re: please check my log

Posted: 06 May 2021 13:30
by bonapart
# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-04-28.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-06-2021
# Duration: 00:00:10
# OS: Windows 10 Pro
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\csastats

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1423 octets] - [06/05/2021 14:11:21]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-04-28.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 05-06-2021
# Duration: 00:00:43
# OS: Windows 10 Pro
# Scanned: 31975
# Detected: 1


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.InstallCore HKCU\Software\csastats

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Re: please check my log

Posted: 10 May 2021 18:22
by bonapart
Hello, did I send the correct logs?

Re: please check my log

Posted: 13 May 2021 06:59
by Diallix
Yes, you did it correctly.

Could you please post fresh FRST + ADDITION logs here?

Re: please check my log

Posted: 13 May 2021 17:02
by bonapart
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2021
Ran by aaa (administrator) on DESKTOP-1JNUR2R (ATComputers COMFOR DIABLO I65) (13-05-2021 17:18:07)
Running from C:\Users\aaa\Desktop
Loaded Profiles: aaa
Platform: Windows 10 Pro Version 20H2 19042.985 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Intel(R) System Usage Report -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AVSolution\mcshield.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\macmnsvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\masvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\macompatsvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\mctray.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\mfemactl.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\mfewc.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\mfewch.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\Endpoint Security\Endpoint Security Platform\mfeesp.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\Endpoint Security\Firewall\mfefw.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\Endpoint Security\Threat Prevention\mfeensppl.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\Endpoint Security\Threat Prevention\mfetp.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\MpCmdRun.exe <2>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\NisSrv.exe
(OORT inc. -> oh!soft) C:\Program Files (x86)\oCam\oCamTask.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vicamon.exe
(Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vmonproc.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [IMMON] => C:\Program Files (x86)\IM Magician\Vicamon.exe [143360 2010-09-28] (Vimisoft Studio) [File not signed]
HKLM-x32\...\Run: [IMMONSUPPORT] => "C:\Program Files (x86)\IM Magician\vmonproc.exe" /cls=IMMAGICIAN_CAMERA_MONITOR_I /exe=Vicamon.exe
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [52553728 2020-07-10] (Hammer & Chisel Inc. -> Hammer & Chisel, Inc.)
HKLM-x32\...\Run: [McAfeeUpdaterUI] => C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe [654112 2019-07-11] (McAfee, Inc. -> McAfee LLC.)
HKLM-x32\...\Run: [EpicPen] => C:\Program Files (x86)\Epic Pen\EpicPen.exe [779152 2020-02-20] (Tank Studios LTD -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-08-03] (Nero AG -> Nero AG)
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\Run: [Discord] => C:\Users\aaa\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32726088 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [912480 2015-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\XRXS1PC: C:\Windows\System32\spool\prtprocs\x64\xrxs1pc.dll [33792 2007-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\...\Print\Monitors\PJL Language Monitor: C:\WINDOWS\system32\PJLMON.DLL [24064 2021-04-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\XRXS1 Langmon: C:\WINDOWS\system32\xrxs1l6.dll [22016 2007-03-23] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-12] (Google LLC -> Google LLC)
Startup: C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk [2020-04-07]
ShortcutTarget: Telegram.lnk -> C:\Users\aaa\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1F702BDF-0FB3-4179-AC63-8A4262F10CF8} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\Engine\scanners\x86_64\datrep\1.0.12.663\mcdatrep.exe [1889696 2021-01-06] (McAfee, Inc. -> McAfee, LLC.)
Task: {2504594E-DEC7-4257-BB7A-E5A3D2BCBB9A} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel(R) System Usage Report -> Intel Corporation)
Task: {476FD06C-9440-43D5-B420-27FEDC5AE2F1} - System32\Tasks\G2MUploadTask-S-1-5-21-2905597249-1629462600-326273939-1001 => C:\Users\aaa\AppData\Local\GoToMeeting\19598\g2mupload.exe [31320 2021-04-04] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {71C37E72-5579-4A38-A6E8-566DD5108E9C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27168840 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7257B0EB-FF5C-4072-8F68-9AD114EF6407} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {81795AC2-BBFA-40A9-B4C2-C1A162AC9B67} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-30] (Google Inc -> Google LLC)
Task: {86CEED45-B85C-46AE-9FE1-A62CB3214947} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {889AA1FF-880D-4D3B-AF59-A8BDD327FD9D} - System32\Tasks\G2MUpdateTask-S-1-5-21-2905597249-1629462600-326273939-1001 => C:\Users\aaa\AppData\Local\GoToMeeting\19598\g2mupdate.exe [31320 2021-04-04] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {9EF66458-5B74-4E85-A5D2-24D4E8F1C6E5} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {BD5D8378-F11C-4D37-A816-E2F1D77F855F} - System32\Tasks\oCamTask => C:\Program Files (x86)\oCam\oCamTask.exe [148816 2019-09-06] (OORT inc. -> oh!soft)
Task: {C39432B3-5517-49C8-8ACD-F0173769553F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-30] (Google Inc -> Google LLC)
Task: {DB4CBE4B-5881-49C0-9E39-BB296E2059F9} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel(R) System Usage Report -> Intel Corporation)
Task: {DFC4141C-1D5B-4C24-B902-9C7F22207E4C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-05] (Piriform Software Ltd -> Piriform)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2905597249-1629462600-326273939-1001.job => C:\Users\aaa\AppData\Local\GoToMeeting\19598\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2905597249-1629462600-326273939-1001.job => C:\Users\aaa\AppData\Local\GoToMeeting\19598\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{14b0b5df-90a9-4ebf-9aed-aaa7b8c0f122}: [DhcpNameServer] 10.0.0.138

Edge:
=======
DownloadDir: C:\Users\aaa\Desktop
Edge HomeButtonPage: HKU\S-1-5-21-2905597249-1629462600-326273939-1001 -> hxxp://www.seznam.cz/
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\aaa\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-13]
Edge DownloadDir: Default -> C:\Users\aaa\Desktop
Edge HomePage: Default -> hxxp://www.seznam.cz/
Edge StartupUrls: Default -> "hxxps://google.com/"
Edge Session Restore: Default -> is enabled.

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-11-13] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM\...\Firefox\Extensions: [{cb40da56-497a-4add-955d-3377cae4c33b}] - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\e10swcffplg.xpi
FF Extension: (McAfee Endpoint Security Web Control) - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\e10swcffplg.xpi [2019-10-15]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{cb40da56-497a-4add-955d-3377cae4c33b}] - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\e10swcffplg.xpi
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-04-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-04-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default [2021-05-13]
CHR DownloadDir: C:\Users\aaa\Desktop
CHR Notifications: Default -> hxxps://app.cryptokingdom.tech
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-07-30]
CHR Extension: (Dokumenty) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-07-30]
CHR Extension: (Disk Google) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-08-30]
CHR Extension: (YouTube) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-07-30]
CHR Extension: (Tabulky) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-07-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-21]
CHR Extension: (Read Aloud: A Text to Speech Voice Reader) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhinadidafjejdhmfkjgnolgimiaplp [2021-04-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-16]
CHR Profile: C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-05-08]
CHR Profile: C:\Users\aaa\AppData\Local\Google\Chrome\User Data\System Profile [2020-05-08]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [jjkchpdmjjdmalgembblgafllbpcjlei] - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\mcchplg.crx [2019-10-15]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 macmnsvc; C:\Program Files\McAfee\Agent\macmnsvc.exe [241456 2019-07-11] (McAfee, Inc. -> McAfee LLC.)
R2 masvc; C:\Program Files\McAfee\Agent\masvc.exe [179552 2019-07-11] (McAfee, Inc. -> McAfee LLC.)
S2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [956760 2020-11-13] () [File not signed]
R3 McAfeeFramework; C:\Program Files\McAfee\Agent\x86\macompatsvc.exe [261640 2019-07-11] (McAfee, Inc. -> McAfee LLC.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R2 mfewc; C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\mfewc.exe [319792 2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-03] (Nero AG -> Nero AG)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393288 2021-05-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-03-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-03-11] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ggsomc; C:\WINDOWS\System32\drivers\ggsomc.sys [30424 2017-06-05] (Sony Mobile Communications AB -> Sony Mobile Communications)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [521648 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [379824 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R0 mfedisk; C:\WINDOWS\System32\DRIVERS\mfedisk.sys [107440 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85928 2020-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfeepmpk; C:\WINDOWS\System32\drivers\mfeepmpk.sys [226432 2020-10-14] (McAfee, Inc. -> McAfee, LLC.)
S3 MfeEpNfcp; C:\WINDOWS\System32\drivers\MfeEpNfcp.sys [93568 2021-05-04] (McAfee, Inc. -> McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [517040 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R3 mfehck; C:\WINDOWS\System32\drivers\mfehck.sys [89520 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [993712 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [563640 2020-10-14] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [107448 2020-10-14] (McAfee, Inc. -> McAfee LLC.)
R1 mfenlfk; C:\WINDOWS\system32\DRIVERS\mfenlfk.sys [82352 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116656 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252336 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [36600 2014-04-18] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49544 2021-03-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420088 2021-03-11] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-11] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-13 17:18 - 2021-05-13 17:22 - 000022875 _____ C:\Users\aaa\Desktop\FRST.txt
2021-05-13 17:17 - 2021-05-13 17:17 - 000000000 ____D C:\Users\aaa\Desktop\FRST-OlderVersion
2021-05-13 17:09 - 2021-05-13 17:09 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000006-000000.txt
2021-05-13 09:52 - 2021-05-13 09:52 - 000000000 ____D C:\Users\aaa\Desktop\ROOM
2021-05-12 20:27 - 2021-05-12 20:28 - 000000000 ____D C:\Users\aaa\Desktop\SESTŘÍHAT
2021-05-12 19:45 - 2021-05-12 19:45 - 004246377 _____ C:\Users\aaa\Desktop\eBook_ReportMetaTrader4_HQ.pdf
2021-05-12 15:10 - 2021-05-12 15:10 - 000001435 _____ C:\WINDOWS\system32\default_error_stack-000005-000000.txt
2021-05-12 14:28 - 2021-05-12 14:28 - 000001311 _____ C:\Users\aaa\Desktop\Země nomádů oscar 2021(2020)Cz.Titulky – zástupce.lnk
2021-05-12 10:51 - 2021-05-12 10:51 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-10 17:42 - 2021-05-13 17:05 - 000000000 ____D C:\Users\aaa\Desktop\MOJE OBCHODY
2021-05-10 17:42 - 2021-05-10 09:56 - 000000043 _____ C:\Users\aaa\Desktop\TTW SLOVENSKO.txt
2021-05-09 21:12 - 2021-05-09 21:12 - 000012052 _____ C:\Users\aaa\Desktop\Obchodní deník ADAM.xlsx
2021-05-09 20:28 - 2021-05-12 13:28 - 000000000 ____D C:\Users\aaa\Desktop\HODAN OBCHODY
2021-05-09 12:18 - 2021-05-09 12:18 - 000001285 _____ C:\Users\aaa\Desktop\České fotbalové legendy_ Karel Poborský – zástupce.lnk
2021-05-08 12:22 - 2021-05-08 12:22 - 000000000 ____D C:\Users\aaa\Desktop\Safe telefon
2021-05-07 18:52 - 2021-05-07 18:52 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000004-000000.txt
2021-05-07 18:08 - 2021-05-07 20:47 - 000000000 ____D C:\Users\aaa\Desktop\Bee Gees
2021-05-06 14:07 - 2021-05-06 14:12 - 000000000 ____D C:\AdwCleaner
2021-05-06 11:21 - 2021-05-06 11:21 - 008534696 _____ (Malwarebytes) C:\Users\aaa\Desktop\adwcleaner_8.2.exe
2021-05-05 20:56 - 2021-05-13 17:20 - 000000000 ____D C:\FRST
2021-05-05 20:44 - 2021-05-13 17:17 - 002299392 _____ (Farbar) C:\Users\aaa\Desktop\FRST64.exe
2021-05-05 19:30 - 2021-05-05 19:30 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-05 19:30 - 2021-05-05 19:30 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-05-05 19:30 - 2021-05-05 19:30 - 000153600 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2021-05-05 19:29 - 2021-05-05 19:29 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-05 19:29 - 2021-05-05 19:29 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-05 19:29 - 2021-05-05 19:29 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-05 19:29 - 2021-05-05 19:29 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-05 19:28 - 2021-05-05 19:28 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-05 19:27 - 2021-05-05 19:27 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-05 19:27 - 2021-05-05 19:27 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-05 19:27 - 2021-05-05 19:27 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-05 19:27 - 2021-05-05 19:27 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-05 19:26 - 2021-05-05 19:26 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-05 18:39 - 2021-05-05 18:40 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000003-000000.txt
2021-05-03 08:37 - 2021-05-12 10:58 - 000000000 ____D C:\Users\aaa\Desktop\Standa škola
2021-04-29 12:12 - 2021-04-29 12:12 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000002-000000.txt
2021-04-20 21:17 - 2021-04-20 21:17 - 000001458 _____ C:\Users\aaa\Desktop\Korelace Ondry – zástupce.lnk
2021-04-17 16:21 - 2021-04-17 16:21 - 000000892 _____ C:\Users\aaa\Desktop\MT 4 A ZÁLOHA – zástupce.lnk
2021-04-17 16:19 - 2021-04-17 16:19 - 000002042 _____ C:\Users\aaa\Desktop\AE91483A2C1AB18F5CE478007E23752E – zástupce.lnk
2021-04-17 16:07 - 2021-04-17 16:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Purple Trading MT4 A
2021-04-17 16:07 - 2021-04-17 16:07 - 000000000 ____D C:\Program Files (x86)\Purple Trading MT4 A
2021-04-14 07:37 - 2021-04-14 07:37 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000001-000000.txt
2021-04-13 22:34 - 2021-04-13 22:34 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-13 21:07 - 2021-04-13 21:07 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000000-000000.txt
2021-04-13 20:49 - 2021-04-13 20:49 - 000000000 ____D C:\WINDOWS\PCHEALTH

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-13 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-13 17:27 - 2018-03-15 11:06 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-13 17:14 - 2017-10-01 17:18 - 000000000 ____D C:\Program Files\CCleaner
2021-05-13 17:12 - 2020-10-15 23:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-13 17:11 - 2020-10-15 22:54 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-13 17:10 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-13 12:42 - 2020-10-15 22:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-13 11:24 - 2018-02-06 15:10 - 000000000 ____D C:\Users\aaa\AppData\Roaming\Telegram Desktop
2021-05-13 09:41 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-13 09:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-13 09:38 - 2016-12-02 22:53 - 000000000 ___RD C:\Users\aaa\OneDrive
2021-05-12 19:39 - 2017-08-02 13:16 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-05-12 16:34 - 2020-10-15 23:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-05-12 15:13 - 2020-10-15 22:54 - 000442920 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-12 15:13 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-12 15:08 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-05-12 15:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-12 15:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-12 11:01 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-12 09:24 - 2016-12-03 00:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-12 09:07 - 2016-12-03 00:25 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-12 06:49 - 2019-07-30 23:28 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-10 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-05-09 12:11 - 2020-05-08 16:07 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-07 20:55 - 2020-10-15 23:12 - 001693204 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-07 20:55 - 2019-12-07 16:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2021-05-07 20:55 - 2019-12-07 16:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2021-05-07 19:06 - 2018-01-30 01:30 - 000000000 ____D C:\Users\aaa\AppData\Local\Packages
2021-05-07 18:56 - 2017-08-11 21:45 - 000000000 ___RD C:\Users\aaa\Desktop\NÁSTROJE
2021-05-07 16:28 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-05-06 14:07 - 2017-09-13 21:59 - 000000000 ____D C:\Users\aaa\AppData\Local\Microsoft Help
2021-05-06 09:41 - 2020-10-15 23:45 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2905597249-1629462600-326273939-1001
2021-05-06 09:41 - 2020-10-15 22:59 - 000002400 _____ C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-05 22:23 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-05 22:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-05 22:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-05 22:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-05 22:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-05 22:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-05 22:08 - 2019-12-07 16:44 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-05 22:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-05 22:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-05 22:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-05 22:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-05 22:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-05 22:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-05 22:07 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-05 22:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-05 22:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-05 22:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-05 20:13 - 2019-12-07 16:47 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-05 19:49 - 2020-11-22 19:33 - 000000000 ____D C:\Users\aaa\AppData\Roaming\EpicPen
2021-05-04 09:39 - 2020-10-14 18:31 - 000093568 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\MfeEpNfcp.sys
2021-04-30 18:55 - 2018-11-25 23:40 - 000000000 ___HD C:\Users\aaa\Desktop\ACRCallsBackup
2021-04-27 16:27 - 2017-09-12 18:44 - 000000000 ____D C:\Users\aaa\AppData\Roaming\vlc
2021-04-26 09:42 - 2020-10-16 00:21 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6a337560a0dc6
2021-04-26 09:42 - 2020-10-15 23:45 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-21 21:11 - 2020-08-23 15:52 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-21 14:50 - 2020-10-15 23:45 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-21 14:50 - 2020-10-15 23:45 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-21 12:11 - 2018-03-25 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-04-21 12:11 - 2018-03-25 12:44 - 000000000 ____D C:\Program Files (x86)\Java
2021-04-21 12:09 - 2018-03-25 12:45 - 000164640 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2021-04-17 16:04 - 2019-04-28 18:38 - 000000000 ____D C:\Users\aaa\AppData\Roaming\MetaQuotes
2021-04-13 22:46 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-13 22:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-13 22:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-13 22:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-13 22:33 - 2020-10-15 23:00 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-13 21:10 - 2020-03-16 18:03 - 000000654 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2905597249-1629462600-326273939-1001.job
2021-04-13 21:10 - 2020-03-16 18:03 - 000000558 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2905597249-1629462600-326273939-1001.job
2021-04-13 20:49 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

==================== Files in the root of some directories ========

2019-05-28 11:03 - 2019-06-23 19:51 - 000004608 _____ () C:\Users\aaa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-09-13 21:20 - 2017-09-13 21:20 - 000000017 _____ () C:\Users\aaa\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-05-2021
Ran by aaa (13-05-2021 17:34:19)
Running from C:\Users\aaa\Desktop
Windows 10 Pro Version 20H2 19042.985 (X64) (2020-10-15 21:47:23)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

aaa (S-1-5-21-2905597249-1629462600-326273939-1001 - Administrator - Enabled) => C:\Users\aaa
Administrator (S-1-5-21-2905597249-1629462600-326273939-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2905597249-1629462600-326273939-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2905597249-1629462600-326273939-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2905597249-1629462600-326273939-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2905597249-1629462600-326273939-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Endpoint Security (Disabled - Out of date) {A37DD4B2-BDFF-70DA-DE19-9F9927D6940F}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Endpoint Security (Enabled) {9B465597-F790-7182-F546-36ACD905D374}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 4.11 (HKLM-x32\...\{26CB5429-1141-40FC-A7AA-F13AC1458D10}) (Version: 4.11.3.3420 - Open Media LLC)
Admiral Markets MT5 (HKLM\...\Admiral Markets MT5) (Version: 5.00 - MetaQuotes Software Corp.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated)
Adobe Flash Player 9 ActiveX (HKLM-x32\...\{8E9DB7EF-5DD3-499E-BA2A-A1F3153A4DF8}) (Version: 9.0.115.0 - Adobe Systems, Inc.)
ANTSvc version 1.0.0.0 (HKLM-x32\...\ANTSvc_is1) (Version: 1.0.0.0 - ANTSvc)
CanoScan Toolbox Ver4.9 (HKLM-x32\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
Components Setup (HKLM-x32\...\{31187E06-E131-4709-9285-7D105D77AA89}) (Version: 1.00.0000 - Vimicro Corporation)
Discord (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Easy CD-DA Extractor 16 (HKLM-x32\...\Easy CD-DA Extractor 16) (Version: 16.0.9 - Poikosoft)
Epic Pen (HKLM-x32\...\Epic Pen_is1) (Version: v3.9.29.0 - TANK Studios LTD)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.16.0.19598 (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\GoToMeeting) (Version: 10.16.0.19598 - LogMeIn, Inc.)
IM Magician (HKLM-x32\...\{A5742726-2180-4253-83A7-53558486A7A2}) (Version: 1.00.0001 - Vimisoft Studio)
Intel(R) Computing Improvement Program (HKLM\...\{848F0123-CF5D-4192-90EC-A6574D8B1796}) (Version: 2.4.06522 - Intel Corporation)
IrfanView 4.52 (64-bit) (HKLM\...\IrfanView64) (Version: 4.52 - Irfan Skiljan)
Java 8 Update 291 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
McAfee Agent (HKLM\...\{F01CC7C9-9545-494A-9A8E-F52037F8BE8E}) (Version: 5.6.1.308 - McAfee, Inc.) Hidden
McAfee Agent (HKLM-x32\...\McAfeeAgent) (Version: 5.6.1.308 - McAfee, Inc.)
McAfee Data Exchange Layer for MA (HKLM\...\{FEE8AD9B-C4D7-4F07-89AC-88C28E2B8809}) (Version: 5.0.10249.0 - McAfee LLC) Hidden
McAfee Data Exchange Layer for MA (HKLM-x32\...\{a3f1e826-e1b0-460f-8113-6624beacab1b}) (Version: 5.0.1.249 - McAfee LLC) Hidden
McAfee Endpoint Security Adaptive Threat Protection (HKLM\...\{377DA1C7-79DE-4102-8DB7-5C2296A3E960}) (Version: 10.7.0 - McAfee, LLC.)
McAfee Endpoint Security Firewall (HKLM\...\{6F88C6E9-CAD0-4D03-99E1-161383F9AD6F}) (Version: 10.7.0 - McAfee, LLC.)
McAfee Endpoint Security Platform (HKLM\...\{B16DE18D-4D5D-45F8-92BD-8DC17225AFD8}) (Version: 10.7.0 - McAfee, LLC.)
McAfee Endpoint Security Threat Prevention (HKLM\...\{820D7600-089E-486B-860F-279B8119A893}) (Version: 10.7.0 - McAfee, LLC.)
McAfee Endpoint Security Web Control (HKLM\...\{5974413A-8D95-4D64-B9EE-40DF28186445}) (Version: 10.7.0 - McAfee, LLC.)
MediaInfo 18.05 (HKLM\...\MediaInfo) (Version: 18.05 - MediaArea.net)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.56 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Nero 8 (HKLM-x32\...\{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1029}) (Version: 8.0.182 - Nero AG)
NQuotes (HKLM-x32\...\NQuotes) (Version: 1.13 - Brainroom Ltd.)
oCam 버전 515.0 (HKLM-x32\...\oCam_is1) (Version: 515.0 - hxxp://ohsoft.net/)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Purple Trading MT4 (HKLM-x32\...\Purple Trading MT4 A) (Version: 4.00 - MetaQuotes Ltd.)
Purple Trading MT4 (HKLM-x32\...\Purple Trading MT4) (Version: 4.00 - MetaQuotes Software Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Slovník Verdict Free (a internetový překladač) (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\Verdict Free) (Version: - )
Sonic Foundry Sound Forge 6.0a (HKLM-x32\...\{6CDC68BB-C997-4ADC-9BA0-6293FB88521E}) (Version: 6.0.150 - Sonic Foundry)
Telegram Desktop version 2.7.4 (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.7.4 - Telegram FZ-LLC)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{C4BE7550-ECE1-417D-A787-01266DC1F5A6}) (Version: 1.22.0.0 - Microsoft Corporation) Hidden
Video Viewer (HKLM-x32\...\Video Viewer) (Version: 0.1.9.7 - AVTECH Corporation, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VSO Downloader 5.1.1.69 (HKLM-x32\...\{3C5CD638-CAD0-4F6C-81FD-B37D47B411F7}_is1) (Version: 5.1.1.69 - VSO Software)
VSO Image Resizer 1.3.4d (HKLM-x32\...\VSO Image Resizer_is1) (Version: 1.3.4d - VSO-Software)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.157 - McAfee, LLC)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{F92064F6-BDE8-46FC-A19F-4E12D311BE3A}) (Version: 1.0.30 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.0.1.1219 - Xilisoft)
YTD (pepak) (HKLM-x32\...\YTD_Pepak) (Version: - )
Zoom (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\ZoomUMX) (Version: 5.2.2 (45108.0831) - Zoom Video Communications, Inc.)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-01] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
McAfee Endpoint Security Web Control -> C:\Program Files\WindowsApps\5A894077.McAfeeEndpointSecurityWebControl_10.7.3.0_x86__wafk5atnkzcwy [2020-10-14] (McAfee Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-11] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.22101.0_x64__8wekyb3d8bbwe [2021-04-24] (Microsoft Studios)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-18] (Netflix, Inc.)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-26] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2905597249-1629462600-326273939-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2905597249-1629462600-326273939-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\aaa\AppData\Local\GoToMeeting\19228\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2007-08-04] (Nero AG -> Nero AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2012-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ImageResizer] -> {C6193976-9333-4E73-96BA-7B21CA942187} => C:\Program Files (x86)\VSO\Image Resizer\RSZShell64.dll [2007-01-24] (VSO Software SARL) [File not signed]
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.MPG4] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.MP42] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-12-15 14:37 - 2020-12-15 14:37 - 001950208 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2018-01-22 20:50 - 2010-09-26 21:31 - 000073728 ____R (Vimicro Corporation) [File not signed] C:\Program Files (x86)\Common Files\Vimisoft Studio\exvmuvc.ax
2018-01-22 20:50 - 2010-09-28 13:04 - 000081920 _____ (Vimicro Corporation) [File not signed] C:\Program Files (x86)\Common Files\Vimisoft Studio\VmicCommonIR.dll
2018-01-22 20:50 - 2010-06-21 16:56 - 000077824 _____ (VimiSoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\FlydCamCtrl.dll
2018-01-22 20:50 - 2010-09-28 14:43 - 000147456 _____ (Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\Plugins\immirrc.dll
2018-01-22 20:50 - 2010-06-21 16:56 - 000073728 _____ (VimiSoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\TiaDecFac.dll
2018-01-22 20:51 - 2010-06-10 16:10 - 000081920 _____ (VimiSoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vflydblapl.ax
2018-01-22 20:51 - 2010-05-18 18:23 - 000196608 _____ (Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vflydcam.ax

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee Endpoint Security Web Control (Browser Help Object) -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\x64\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\ssv.dll [2021-04-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee Endpoint Security Web Control (Browser Help Object) -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-04-21] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - McAfee Endpoint Security Web Control (Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\x64\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Toolbar: HKLM-x32 - McAfee Endpoint Security Web Control (Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\x64\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\x64\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2020-01-23 10:01 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2905597249-1629462600-326273939-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "IMMON"
HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "EpicPen"
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\StartupApproved\StartupFolder: => "Telegram.lnk"
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{38F8858B-DD30-4CED-B6A4-9D8A849DE640}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{04101C78-00BA-4BA5-94A8-B4B3C1FC16B3}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{E81ACD9B-9F79-4CA0-82CC-9F976E297C45}] => (Allow) C:\Users\aaa\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{178C6B30-3CBF-4ECE-9060-ECFE1173B7A0}] => (Allow) C:\Users\aaa\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{608C9E9E-AE0C-4A8A-B759-EB9423A21412}] => (Allow) C:\Users\aaa\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{1235A4DE-BEA2-402F-882B-6195C22AE353}C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe] => (Allow) C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe (VSO SOFTWARE -> VSO Software)
FirewallRules: [TCP Query User{FE2B040D-2F2D-4443-B2C0-5587EAB714FF}C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe] => (Allow) C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe (VSO SOFTWARE -> VSO Software)
FirewallRules: [UDP Query User{2BB6BFBA-EA99-4A80-B02C-5150A0A5B261}C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe => No File
FirewallRules: [TCP Query User{CEC3BE18-E637-450B-B5DE-10467C29D7BD}C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe => No File
FirewallRules: [UDP Query User{2FAA2F69-7BA2-4BBB-93D4-E3D9FA529C57}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [TCP Query User{FF9A6185-44A3-4AAF-B848-28DA8331245E}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [UDP Query User{624D843E-3005-4174-A38C-232C59DAE6D1}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [TCP Query User{876C1C26-4B4F-4F6F-8F6C-D29CE0751ED2}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [UDP Query User{595DF0CA-5356-40B0-9D41-C79748FE4D29}C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe] => (Block) C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe (VSO SOFTWARE -> VSO Software)
FirewallRules: [TCP Query User{669FD538-0D37-4D05-A9AF-34F0AF9590EE}C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe] => (Block) C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe (VSO SOFTWARE -> VSO Software)
FirewallRules: [UDP Query User{9DED04E5-CBBB-4BE1-92A6-1936398BF5B9}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [TCP Query User{EF6C2B77-156B-48E3-AA55-7B39F06DDBE7}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [UDP Query User{07BE12DB-7DB6-4E76-9076-8713C59F0439}C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe => No File
FirewallRules: [TCP Query User{E032C053-8342-4D02-A5FF-EA1BF4094C92}C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe => No File
FirewallRules: [UDP Query User{05388E02-D273-4010-9FEC-47A76A9BFCCF}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [TCP Query User{51DD86A4-7A3B-4D5B-9A1C-AFB229613AF8}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [{8473AAD1-96D9-4CDB-8F8F-BB181A3D29D5}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{917A3821-484C-4B61-8498-B89208B30163}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{43CC3079-FC02-4D11-8496-A0FA0795E7A4}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{26C8ABBB-C5E4-4EE4-B2DA-5879EA24EA5D}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [UDP Query User{BB0DB695-0B30-443D-B291-451D981C30AA}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe => No File
FirewallRules: [TCP Query User{81A37EFA-7493-4F1C-93FC-92A56DCF6789}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe => No File
FirewallRules: [{BF260DAD-8FD3-43DB-B554-170AAA390C3A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{41B55316-CCE3-4118-B69F-E04AC94C3D3B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [UDP Query User{B28E1106-7C65-4998-973D-6B42C576F506}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe => No File
FirewallRules: [TCP Query User{FDE4B27C-D078-4CB2-8F86-20447217832D}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe => No File
FirewallRules: [UDP Query User{BD0A65AF-223E-49BC-9E97-A873F55DE117}C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe => No File
FirewallRules: [TCP Query User{807389EF-F73E-498A-8F33-68B9224FB859}C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe => No File
FirewallRules: [UDP Query User{0697B737-5D05-4738-ADFA-2E77ECE3178D}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe => No File
FirewallRules: [TCP Query User{B0743B75-93A8-44EA-A969-92311DDD56CD}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe => No File
FirewallRules: [UDP Query User{FD769A59-594E-41CE-95FA-D0C6B69CC3D3}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe => No File
FirewallRules: [TCP Query User{8BF7EB87-E13D-4FE8-8301-564719B0E349}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe => No File
FirewallRules: [UDP Query User{6444DB01-25D1-45AD-9905-8D634C3A9362}C:\program files (x86)\videoviewer\videoviewer.exe] => (Block) C:\program files (x86)\videoviewer\videoviewer.exe => No File
FirewallRules: [TCP Query User{0390A106-3AF7-4363-A748-3F4455E14EF7}C:\program files (x86)\videoviewer\videoviewer.exe] => (Block) C:\program files (x86)\videoviewer\videoviewer.exe => No File
FirewallRules: [{68EF71F6-AF14-41F2-B131-F7B442CBE9E8}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\macmnsvc.exe => No File
FirewallRules: [{C9DC3E7B-2870-4617-AB22-AB93F6314765}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\macmnsvc.exe => No File
FirewallRules: [{142A2E18-D95F-4C53-AA9D-2CB997F46C1E}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\macmnsvc.exe => No File
FirewallRules: [{8155F672-63A1-49F9-896E-9511CA903A65}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\macmnsvc.exe => No File
FirewallRules: [{99D1E8FB-AAD8-40F0-8EF9-6EE8BD5CA390}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe => No File
FirewallRules: [{1D6A71AF-1ADE-46D9-A1F6-FA5F8BF89B33}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe => No File
FirewallRules: [{29DBEAF4-1771-4F6C-9FD8-77F5F381E08F}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe => No File
FirewallRules: [{0E8A3579-2D1D-4BB9-BA79-BCBB4B828C2B}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe => No File
FirewallRules: [{28C31ACC-F509-44A6-AC1F-D9B690F335E6}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe => No File
FirewallRules: [{AFC98497-7732-4BEC-BB8E-B08871DBCA2C}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe => No File
FirewallRules: [TCP Query User{BB9736D6-BA41-4001-BBDB-81FF6FA7A576}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{FB12E5DD-F9AA-4DE2-93FA-8C265F94DDF3}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{79C32572-946E-48CF-90CA-B64E7CB95191}C:\program files (x86)\videoviewer\videoviewer.exe] => (Allow) C:\program files (x86)\videoviewer\videoviewer.exe => No File
FirewallRules: [UDP Query User{523EC6D2-0E8A-4FB8-A508-A795F55E382E}C:\program files (x86)\videoviewer\videoviewer.exe] => (Allow) C:\program files (x86)\videoviewer\videoviewer.exe => No File
FirewallRules: [{4F05A4CF-5509-4268-AFB5-EB40A5D085B5}] => (Allow) C:\Program Files\Admiral Markets MT5\metatester64.exe (MetaQuotes Ltd. -> MetaQuotes Ltd.)
FirewallRules: [{A3518309-723E-4FB4-BC64-103B9708AA00}] => (Allow) C:\Users\aaa\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C3E3B695-92AC-4FD9-964C-CCA5051F02CF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FEC2B40D-EB55-41D3-85C1-3AE600561D45}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F7F912BC-FB5B-45C8-A67D-3DF4671B80E9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C6847437-B74D-4F00-B801-3F5F89FE1E54}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C07B6C3C-A546-496B-8406-3A40DD561660}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{34F7FAC2-711E-451F-AB7A-7C9A074D9A56}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{B72E368E-EB1A-4A2E-AA28-9CA706034BAE}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{BE4D5273-D152-48A8-8286-0A3D43960B42}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{6603F3F9-089A-46CD-8193-E1D1F212F022}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

27-04-2021 17:16:32 Naplánovaný kontrolní bod
05-05-2021 18:25:09 Instalační služba modulů systému Windows
12-05-2021 09:37:14 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/13/2021 05:27:42 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe, which accessed HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\WINDOWSDEFENDER, violating the rule "T1060 - New Startup Program Creation". Access was allowed because the rule wasn't configured to block.

Error: (05/13/2021 05:16:51 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-1JNUR2R)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (05/13/2021 05:16:12 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\MsMpEng.exe, which accessed HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\WINDOWSDEFENDER, violating the rule "T1060 - New Startup Program Creation". Access was allowed because the rule wasn't configured to block.

Error: (05/13/2021 05:16:03 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\MsMpEng.exe, which accessed HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\WINDOWSDEFENDER, violating the rule "T1060 - New Startup Program Creation". Access was allowed because the rule wasn't configured to block.

Error: (05/12/2021 07:37:16 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\NEXTINSTANCE, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (05/12/2021 07:37:15 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\COUNT, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (05/12/2021 07:37:14 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\NEXTINSTANCE, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (05/12/2021 07:37:12 PM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\COUNT, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.


System errors:
=============
Error: (05/13/2021 05:12:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee WebAdvisor neuspěla při spuštění v důsledku následující chyby:
Soubor nebo adresář je porušen a není čitelný.

Error: (05/13/2021 05:10:17 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby mfevtp bylo dosaženo časového limitu (30000 ms).

Error: (05/13/2021 05:09:47 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby mfemms bylo dosaženo časového limitu (30000 ms).

Error: (05/13/2021 05:09:16 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba User Energy Server Service queencreek byla ukončena s následující chybou:
Ovladač %2 vrátil neplatné číslo ID pro podřízené zařízení (%3).

Error: (05/13/2021 05:09:11 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Energy Server Service queencreek se po přijetí pokynu pro vypnutí neukončila správně.

Error: (05/13/2021 12:43:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1JNUR2R)
Description: Server microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/12/2021 03:12:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee WebAdvisor neuspěla při spuštění v důsledku následující chyby:
Soubor nebo adresář je porušen a není čitelný.

Error: (05/12/2021 03:10:49 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby mfemms bylo dosaženo časového limitu (30000 ms).


Windows Defender:
================
Date: 2021-03-11 17:13:53
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {892DF1EA-BBD6-461B-A2D3-28C1360D2023}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-11 15:05:57
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {850DB06C-C932-46F1-B2D0-B4CFE78F6B15}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-11 14:25:23
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A77881F2-3E65-40E1-A6DB-DF80043B2CCC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-11 11:41:20
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {216C81BB-E3D4-4D05-832D-241E3090D571}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-11 10:55:15
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8983F09E-E80D-4D52-A7F3-EE3EC51AB444}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-13 21:29:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.333.160.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17900.7
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2020-11-13 17:03:04
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.325.1331.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17500.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2020-11-13 17:03:04
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.325.1331.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17500.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2020-11-13 17:03:04
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.325.1331.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17500.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2020-11-13 16:49:36
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.325.1331.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17500.4
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

CodeIntegrity:
===============
Date: 2021-05-13 17:37:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\Endpoint Security\Threat Prevention\MfeAmsiProvider.dll that did not meet the Windows signing level requirements.

Date: 2021-05-13 17:26:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\Endpoint Security\Threat Prevention\MfeAmsiProvider.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: Award Software International, Inc. F4 02/06/2012
Motherboard: Gigabyte Technology Co., Ltd. H55M-D2H
Processor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz
Percentage of memory in use: 73%
Total physical RAM: 3767.49 MB
Available physical RAM: 994.69 MB
Total Virtual: 7863.49 MB
Available Virtual: 4506.35 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.51 GB) (Free:393.4 GB) NTFS
Drive d: () (Fixed) (Total:931.41 GB) (Free:372.9 GB) NTFS

\\?\Volume{f2781714-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{f2781714-0000-0000-0000-40c0e8000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 00084F14)
Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F2781714)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=519 MB) - (Type=27)

==================== End of Addition.txt =======================

Re: please check my log

Posted: 13 May 2021 17:31
by Diallix
Could you please post the contents of this file here: C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs

Go to the location C:\Program Files\Intel\SUR\QUEENCREEK\x64\, right-click the file task.vbs -> Edit/Open in Notepad. Paste the contents here.

Re: please check my log

Posted: 13 May 2021 17:47
by bonapart
I don't know if this is it:

<?xml version="1.0" encoding="UTF-16"?>
<Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
<RegistrationInfo>
<Author>Intel(r) Energy Checker</Author>
</RegistrationInfo>
<Triggers>
<LogonTrigger>
<Repetition>
<Interval>PT3H</Interval>
<StopAtDurationEnd>false</StopAtDurationEnd>
</Repetition>
<Enabled>true</Enabled>
<Delay>PT4M</Delay>
</LogonTrigger>
</Triggers>
<Principals>
<Principal id="Author">
<UserId>NT AUTHORITY\SYSTEM</UserId>
<RunLevel>HighestAvailable</RunLevel>
</Principal>
</Principals>
<Settings>
<MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy>
<DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries>
<StopIfGoingOnBatteries>false</StopIfGoingOnBatteries>
<AllowHardTerminate>true</AllowHardTerminate>
<StartWhenAvailable>false</StartWhenAvailable>
<RunOnlyIfNetworkAvailable>false</RunOnlyIfNetworkAvailable>
<IdleSettings>
<StopOnIdleEnd>false</StopOnIdleEnd>
<RestartOnIdle>false</RestartOnIdle>
</IdleSettings>
<AllowStartOnDemand>true</AllowStartOnDemand>
<Enabled>true</Enabled>
<Hidden>false</Hidden>
<RunOnlyIfIdle>false</RunOnlyIfIdle>
<WakeToRun>false</WakeToRun>
<ExecutionTimeLimit>PT3H</ExecutionTimeLimit>
<Priority>2</Priority>
</Settings>
<Actions Context="Author">
<Exec>
<Command>"C:\WINDOWS\System32\Wscript.exe"</Command>
<Arguments>//B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"</Arguments>
<WorkingDirectory>C:\Program Files\Intel\SUR\QUEENCREEK\x64</WorkingDirectory>
</Exec>
</Actions>
</Task>

Re: please check the log

Posted: 13 May 2021 17:55
by Diallix
That is an .xml file; I would need the content of the file: C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs

Re: please check the log

Posted: 13 May 2021 18:07
by bonapart
Set objShell = CreateObject("WScript.Shell")
objShell.Run("C:\WINDOWS\system32\cmd.exe /c ""C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.bat"""), 0
Set objShell = Nothing

Re: please check the log

Posted: 13 May 2021 18:17
by Diallix
Copy the content below into Notepad:

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
Task: {81795AC2-BBFA-40A9-B4C2-C1A162AC9B67} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-30] (Google Inc -> Google LLC)
Task: {86CEED45-B85C-46AE-9FE1-A62CB3214947} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {C39432B3-5517-49C8-8ACD-F0173769553F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-30] (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2905597249-1629462600-326273939-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe" -ToastActivated => No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
FirewallRules: [{E81ACD9B-9F79-4CA0-82CC-9F976E297C45}] => (Allow) C:\Users\aaa\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{178C6B30-3CBF-4ECE-9060-ECFE1173B7A0}] => (Allow) C:\Users\aaa\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [UDP Query User{2BB6BFBA-EA99-4A80-B02C-5150A0A5B261}C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe => No File
FirewallRules: [TCP Query User{CEC3BE18-E637-450B-B5DE-10467C29D7BD}C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe => No File
FirewallRules: [UDP Query User{2FAA2F69-7BA2-4BBB-93D4-E3D9FA529C57}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [TCP Query User{FF9A6185-44A3-4AAF-B848-28DA8331245E}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [UDP Query User{624D843E-3005-4174-A38C-232C59DAE6D1}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [TCP Query User{876C1C26-4B4F-4F6F-8F6C-D29CE0751ED2}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [UDP Query User{9DED04E5-CBBB-4BE1-92A6-1936398BF5B9}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [TCP Query User{EF6C2B77-156B-48E3-AA55-7B39F06DDBE7}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [UDP Query User{07BE12DB-7DB6-4E76-9076-8713C59F0439}C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe => No File
FirewallRules: [TCP Query User{E032C053-8342-4D02-A5FF-EA1BF4094C92}C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe => No File
FirewallRules: [UDP Query User{05388E02-D273-4010-9FEC-47A76A9BFCCF}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [TCP Query User{51DD86A4-7A3B-4D5B-9A1C-AFB229613AF8}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [UDP Query User{BB0DB695-0B30-443D-B291-451D981C30AA}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe => No File
FirewallRules: [TCP Query User{81A37EFA-7493-4F1C-93FC-92A56DCF6789}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe => No File
FirewallRules: [UDP Query User{B28E1106-7C65-4998-973D-6B42C576F506}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe => No File
FirewallRules: [TCP Query User{FDE4B27C-D078-4CB2-8F86-20447217832D}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe => No File
FirewallRules: [UDP Query User{BD0A65AF-223E-49BC-9E97-A873F55DE117}C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe => No File
FirewallRules: [TCP Query User{807389EF-F73E-498A-8F33-68B9224FB859}C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe => No File
FirewallRules: [UDP Query User{0697B737-5D05-4738-ADFA-2E77ECE3178D}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe => No File
FirewallRules: [TCP Query User{B0743B75-93A8-44EA-A969-92311DDD56CD}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe => No File
FirewallRules: [UDP Query User{FD769A59-594E-41CE-95FA-D0C6B69CC3D3}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe => No File
FirewallRules: [TCP Query User{8BF7EB87-E13D-4FE8-8301-564719B0E349}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe => No File
FirewallRules: [UDP Query User{6444DB01-25D1-45AD-9905-8D634C3A9362}C:\program files (x86)\videoviewer\videoviewer.exe] => (Block) C:\program files (x86)\videoviewer\videoviewer.exe => No File
FirewallRules: [TCP Query User{0390A106-3AF7-4363-A748-3F4455E14EF7}C:\program files (x86)\videoviewer\videoviewer.exe] => (Block) C:\program files (x86)\videoviewer\videoviewer.exe => No File
FirewallRules: [{68EF71F6-AF14-41F2-B131-F7B442CBE9E8}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\macmnsvc.exe => No File
FirewallRules: [{C9DC3E7B-2870-4617-AB22-AB93F6314765}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\macmnsvc.exe => No File
FirewallRules: [{142A2E18-D95F-4C53-AA9D-2CB997F46C1E}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\macmnsvc.exe => No File
FirewallRules: [{8155F672-63A1-49F9-896E-9511CA903A65}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\macmnsvc.exe => No File
FirewallRules: [{99D1E8FB-AAD8-40F0-8EF9-6EE8BD5CA390}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe => No File
FirewallRules: [{1D6A71AF-1ADE-46D9-A1F6-FA5F8BF89B33}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe => No File
FirewallRules: [{29DBEAF4-1771-4F6C-9FD8-77F5F381E08F}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe => No File
FirewallRules: [{0E8A3579-2D1D-4BB9-BA79-BCBB4B828C2B}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe => No File
FirewallRules: [{28C31ACC-F509-44A6-AC1F-D9B690F335E6}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe => No File
FirewallRules: [{AFC98497-7732-4BEC-BB8E-B08871DBCA2C}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe => No File
FirewallRules: [TCP Query User{79C32572-946E-48CF-90CA-B64E7CB95191}C:\program files (x86)\videoviewer\videoviewer.exe] => (Allow) C:\program files (x86)\videoviewer\videoviewer.exe => No File
FirewallRules: [UDP Query User{523EC6D2-0E8A-4FB8-A508-A795F55E382E}C:\program files (x86)\videoviewer\videoviewer.exe] => (Allow) C:\program files (x86)\videoviewer\videoviewer.exe => No File
FirewallRules: [TCP Query User{BB9736D6-BA41-4001-BBDB-81FF6FA7A576}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{FB12E5DD-F9AA-4DE2-93FA-8C265F94DDF3}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)

EmptyTemp:

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
The fix will run, after which the computer will reboot. After the reboot, paste here the content of the log fixlog.txt, which is saved in the FRST location.

Re: please check the log

Posted: 13 May 2021 18:49
by bonapart
Fix result of Farbar Recovery Scan Tool (x64) Version: 13-05-2021
Ran by aaa (13-05-2021 19:29:34) Run:1
Running from C:\Users\aaa\Desktop
Loaded Profiles: defaultuser0 & aaa
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
Task: {81795AC2-BBFA-40A9-B4C2-C1A162AC9B67} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-30] (Google Inc -> Google LLC)
Task: {86CEED45-B85C-46AE-9FE1-A62CB3214947} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {C39432B3-5517-49C8-8ACD-F0173769553F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-30] (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2905597249-1629462600-326273939-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe" -ToastActivated => No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
FirewallRules: [{E81ACD9B-9F79-4CA0-82CC-9F976E297C45}] => (Allow) C:\Users\aaa\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{178C6B30-3CBF-4ECE-9060-ECFE1173B7A0}] => (Allow) C:\Users\aaa\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [UDP Query User{2BB6BFBA-EA99-4A80-B02C-5150A0A5B261}C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe => No File
FirewallRules: [TCP Query User{CEC3BE18-E637-450B-B5DE-10467C29D7BD}C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe => No File
FirewallRules: [UDP Query User{2FAA2F69-7BA2-4BBB-93D4-E3D9FA529C57}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [TCP Query User{FF9A6185-44A3-4AAF-B848-28DA8331245E}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [UDP Query User{624D843E-3005-4174-A38C-232C59DAE6D1}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [TCP Query User{876C1C26-4B4F-4F6F-8F6C-D29CE0751ED2}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [UDP Query User{9DED04E5-CBBB-4BE1-92A6-1936398BF5B9}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [TCP Query User{EF6C2B77-156B-48E3-AA55-7B39F06DDBE7}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [UDP Query User{07BE12DB-7DB6-4E76-9076-8713C59F0439}C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe => No File
FirewallRules: [TCP Query User{E032C053-8342-4D02-A5FF-EA1BF4094C92}C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe => No File
FirewallRules: [UDP Query User{05388E02-D273-4010-9FEC-47A76A9BFCCF}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [TCP Query User{51DD86A4-7A3B-4D5B-9A1C-AFB229613AF8}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [UDP Query User{BB0DB695-0B30-443D-B291-451D981C30AA}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe => No File
FirewallRules: [TCP Query User{81A37EFA-7493-4F1C-93FC-92A56DCF6789}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe => No File
FirewallRules: [UDP Query User{B28E1106-7C65-4998-973D-6B42C576F506}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe => No File
FirewallRules: [TCP Query User{FDE4B27C-D078-4CB2-8F86-20447217832D}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe => No File
FirewallRules: [UDP Query User{BD0A65AF-223E-49BC-9E97-A873F55DE117}C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe => No File
FirewallRules: [TCP Query User{807389EF-F73E-498A-8F33-68B9224FB859}C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe => No File
FirewallRules: [UDP Query User{0697B737-5D05-4738-ADFA-2E77ECE3178D}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe => No File
FirewallRules: [TCP Query User{B0743B75-93A8-44EA-A969-92311DDD56CD}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe => No File
FirewallRules: [UDP Query User{FD769A59-594E-41CE-95FA-D0C6B69CC3D3}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe => No File
FirewallRules: [TCP Query User{8BF7EB87-E13D-4FE8-8301-564719B0E349}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe => No File
FirewallRules: [UDP Query User{6444DB01-25D1-45AD-9905-8D634C3A9362}C:\program files (x86)\videoviewer\videoviewer.exe] => (Block) C:\program files (x86)\videoviewer\videoviewer.exe => No File
FirewallRules: [TCP Query User{0390A106-3AF7-4363-A748-3F4455E14EF7}C:\program files (x86)\videoviewer\videoviewer.exe] => (Block) C:\program files (x86)\videoviewer\videoviewer.exe => No File
FirewallRules: [{68EF71F6-AF14-41F2-B131-F7B442CBE9E8}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\macmnsvc.exe => No File
FirewallRules: [{C9DC3E7B-2870-4617-AB22-AB93F6314765}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\macmnsvc.exe => No File
FirewallRules: [{142A2E18-D95F-4C53-AA9D-2CB997F46C1E}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\macmnsvc.exe => No File
FirewallRules: [{8155F672-63A1-49F9-896E-9511CA903A65}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\macmnsvc.exe => No File
FirewallRules: [{99D1E8FB-AAD8-40F0-8EF9-6EE8BD5CA390}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe => No File
FirewallRules: [{1D6A71AF-1ADE-46D9-A1F6-FA5F8BF89B33}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe => No File
FirewallRules: [{29DBEAF4-1771-4F6C-9FD8-77F5F381E08F}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe => No File
FirewallRules: [{0E8A3579-2D1D-4BB9-BA79-BCBB4B828C2B}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe => No File
FirewallRules: [{28C31ACC-F509-44A6-AC1F-D9B690F335E6}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe => No File
FirewallRules: [{AFC98497-7732-4BEC-BB8E-B08871DBCA2C}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe => No File
FirewallRules: [TCP Query User{79C32572-946E-48CF-90CA-B64E7CB95191}C:\program files (x86)\videoviewer\videoviewer.exe] => (Allow) C:\program files (x86)\videoviewer\videoviewer.exe => No File
FirewallRules: [UDP Query User{523EC6D2-0E8A-4FB8-A508-A795F55E382E}C:\program files (x86)\videoviewer\videoviewer.exe] => (Allow) C:\program files (x86)\videoviewer\videoviewer.exe => No File
FirewallRules: [TCP Query User{BB9736D6-BA41-4001-BBDB-81FF6FA7A576}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{FB12E5DD-F9AA-4DE2-93FA-8C265F94DDF3}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)

EmptyTemp:
*****************

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{81795AC2-BBFA-40A9-B4C2-C1A162AC9B67}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81795AC2-BBFA-40A9-B4C2-C1A162AC9B67}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{86CEED45-B85C-46AE-9FE1-A62CB3214947}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{86CEED45-B85C-46AE-9FE1-A62CB3214947}" => removed successfully
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C39432B3-5517-49C8-8ACD-F0173769553F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C39432B3-5517-49C8-8ACD-F0173769553F}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKU\S-1-5-21-2905597249-1629462600-326273939-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145} => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E81ACD9B-9F79-4CA0-82CC-9F976E297C45}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{178C6B30-3CBF-4ECE-9060-ECFE1173B7A0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2BB6BFBA-EA99-4A80-B02C-5150A0A5B261}C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CEC3BE18-E637-450B-B5DE-10467C29D7BD}C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2FAA2F69-7BA2-4BBB-93D4-E3D9FA529C57}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FF9A6185-44A3-4AAF-B848-28DA8331245E}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{624D843E-3005-4174-A38C-232C59DAE6D1}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{876C1C26-4B4F-4F6F-8F6C-D29CE0751ED2}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9DED04E5-CBBB-4BE1-92A6-1936398BF5B9}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EF6C2B77-156B-48E3-AA55-7B39F06DDBE7}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{07BE12DB-7DB6-4E76-9076-8713C59F0439}C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E032C053-8342-4D02-A5FF-EA1BF4094C92}C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{05388E02-D273-4010-9FEC-47A76A9BFCCF}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{51DD86A4-7A3B-4D5B-9A1C-AFB229613AF8}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BB0DB695-0B30-443D-B291-451D981C30AA}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{81A37EFA-7493-4F1C-93FC-92A56DCF6789}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B28E1106-7C65-4998-973D-6B42C576F506}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FDE4B27C-D078-4CB2-8F86-20447217832D}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BD0A65AF-223E-49BC-9E97-A873F55DE117}C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{807389EF-F73E-498A-8F33-68B9224FB859}C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0697B737-5D05-4738-ADFA-2E77ECE3178D}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B0743B75-93A8-44EA-A969-92311DDD56CD}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FD769A59-594E-41CE-95FA-D0C6B69CC3D3}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8BF7EB87-E13D-4FE8-8301-564719B0E349}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6444DB01-25D1-45AD-9905-8D634C3A9362}C:\program files (x86)\videoviewer\videoviewer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0390A106-3AF7-4363-A748-3F4455E14EF7}C:\program files (x86)\videoviewer\videoviewer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{68EF71F6-AF14-41F2-B131-F7B442CBE9E8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C9DC3E7B-2870-4617-AB22-AB93F6314765}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{142A2E18-D95F-4C53-AA9D-2CB997F46C1E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8155F672-63A1-49F9-896E-9511CA903A65}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{99D1E8FB-AAD8-40F0-8EF9-6EE8BD5CA390}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1D6A71AF-1ADE-46D9-A1F6-FA5F8BF89B33}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{29DBEAF4-1771-4F6C-9FD8-77F5F381E08F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0E8A3579-2D1D-4BB9-BA79-BCBB4B828C2B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{28C31ACC-F509-44A6-AC1F-D9B690F335E6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AFC98497-7732-4BEC-BB8E-B08871DBCA2C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{79C32572-946E-48CF-90CA-B64E7CB95191}C:\program files (x86)\videoviewer\videoviewer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{523EC6D2-0E8A-4FB8-A508-A795F55E382E}C:\program files (x86)\videoviewer\videoviewer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BB9736D6-BA41-4001-BBDB-81FF6FA7A576}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FB12E5DD-F9AA-4DE2-93FA-8C265F94DDF3}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 272022725 B
Java, Flash, Steam htmlcache => 524 B
Windows/system/drivers => 728480 B
Edge => 53440 B
Chrome => 512312273 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 57386 B
NetworkService => 65725156 B
defaultuser0 => 65725156 B
aaa => 139226711 B

RecycleBin => 0 B
EmptyTemp: => 1016.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:32:05 ====

Re: please check the log

Posted: 16 May 2021 09:20
by Diallix
Good.

Please post new FRST + ADDITION logs.

Re: please check the log

Posted: 16 May 2021 10:27
by bonapart
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-05-2021
Ran by aaa (administrator) on DESKTOP-1JNUR2R (ATComputers COMFOR DIABLO I65) (16-05-2021 10:55:34)
Running from C:\Users\aaa\Desktop
Loaded Profiles: aaa
Platform: Windows 10 Pro Version 20H2 19042.985 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AVSolution\mcshield.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\macmnsvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\masvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\macompatsvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\mctray.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\mfemactl.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\mfewc.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\mfeatp.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\Endpoint Security\Endpoint Security Platform\mfeesp.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\Endpoint Security\Firewall\mfefw.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\Endpoint Security\Threat Prevention\mfeensppl.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\Endpoint Security\Threat Prevention\mfetp.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(OORT inc. -> oh!soft) C:\Program Files (x86)\oCam\oCamTask.exe
(Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vicamon.exe
(Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vmonproc.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [IMMON] => C:\Program Files (x86)\IM Magician\Vicamon.exe [143360 2010-09-28] (Vimisoft Studio) [File not signed]
HKLM-x32\...\Run: [IMMONSUPPORT] => "C:\Program Files (x86)\IM Magician\vmonproc.exe" /cls=IMMAGICIAN_CAMERA_MONITOR_I /exe=Vicamon.exe
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [52553728 2020-07-10] (Hammer & Chisel Inc. -> Hammer & Chisel, Inc.)
HKLM-x32\...\Run: [McAfeeUpdaterUI] => C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe [654112 2019-07-11] (McAfee, Inc. -> McAfee LLC.)
HKLM-x32\...\Run: [EpicPen] => C:\Program Files (x86)\Epic Pen\EpicPen.exe [779152 2020-02-20] (Tank Studios LTD -> )
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-08-03] (Nero AG -> Nero AG)
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\Run: [Discord] => C:\Users\aaa\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32726088 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [912480 2015-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\XRXS1PC: C:\Windows\System32\spool\prtprocs\x64\xrxs1pc.dll [33792 2007-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\...\Print\Monitors\PJL Language Monitor: C:\WINDOWS\system32\PJLMON.DLL [24064 2021-04-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\XRXS1 Langmon: C:\WINDOWS\system32\xrxs1l6.dll [22016 2007-03-23] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-12] (Google LLC -> Google LLC)
Startup: C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk [2020-04-07]
ShortcutTarget: Telegram.lnk -> C:\Users\aaa\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2504594E-DEC7-4257-BB7A-E5A3D2BCBB9A} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel(R) System Usage Report -> Intel Corporation)
Task: {476FD06C-9440-43D5-B420-27FEDC5AE2F1} - System32\Tasks\G2MUploadTask-S-1-5-21-2905597249-1629462600-326273939-1001 => C:\Users\aaa\AppData\Local\GoToMeeting\19598\g2mupload.exe [31320 2021-04-04] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {71C37E72-5579-4A38-A6E8-566DD5108E9C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27168840 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7257B0EB-FF5C-4072-8F68-9AD114EF6407} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {889AA1FF-880D-4D3B-AF59-A8BDD327FD9D} - System32\Tasks\G2MUpdateTask-S-1-5-21-2905597249-1629462600-326273939-1001 => C:\Users\aaa\AppData\Local\GoToMeeting\19598\g2mupdate.exe [31320 2021-04-04] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {9EF66458-5B74-4E85-A5D2-24D4E8F1C6E5} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {BD5D8378-F11C-4D37-A816-E2F1D77F855F} - System32\Tasks\oCamTask => C:\Program Files (x86)\oCam\oCamTask.exe [148816 2019-09-06] (OORT inc. -> oh!soft)
Task: {DB4CBE4B-5881-49C0-9E39-BB296E2059F9} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel(R) System Usage Report -> Intel Corporation)
Task: {DFC4141C-1D5B-4C24-B902-9C7F22207E4C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-05] (Piriform Software Ltd -> Piriform)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2905597249-1629462600-326273939-1001.job => C:\Users\aaa\AppData\Local\GoToMeeting\19598\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2905597249-1629462600-326273939-1001.job => C:\Users\aaa\AppData\Local\GoToMeeting\19598\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{14b0b5df-90a9-4ebf-9aed-aaa7b8c0f122}: [DhcpNameServer] 10.0.0.138

Edge:
=======
DownloadDir: C:\Users\aaa\Desktop
Edge HomeButtonPage: HKU\S-1-5-21-2905597249-1629462600-326273939-1001 -> hxxp://www.seznam.cz/
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\aaa\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-16]
Edge DownloadDir: Default -> C:\Users\aaa\Desktop
Edge HomePage: Default -> hxxp://www.seznam.cz/
Edge StartupUrls: Default -> "hxxps://google.com/"
Edge Session Restore: Default -> is enabled.

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-11-13] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM\...\Firefox\Extensions: [{cb40da56-497a-4add-955d-3377cae4c33b}] - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\e10swcffplg.xpi
FF Extension: (McAfee Endpoint Security Web Control) - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\e10swcffplg.xpi [2019-10-15]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{cb40da56-497a-4add-955d-3377cae4c33b}] - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\e10swcffplg.xpi
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-04-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-04-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default [2021-05-16]
CHR DownloadDir: C:\Users\aaa\Desktop
CHR Notifications: Default -> hxxps://app.cryptokingdom.tech
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-07-30]
CHR Extension: (Dokumenty) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-07-30]
CHR Extension: (Disk Google) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-08-30]
CHR Extension: (YouTube) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-07-30]
CHR Extension: (Tabulky) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-07-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-21]
CHR Extension: (Read Aloud: A Text to Speech Voice Reader) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhinadidafjejdhmfkjgnolgimiaplp [2021-04-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-16]
CHR Profile: C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-05-13]
CHR Profile: C:\Users\aaa\AppData\Local\Google\Chrome\User Data\System Profile [2021-05-13]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [jjkchpdmjjdmalgembblgafllbpcjlei] - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\mcchplg.crx [2019-10-15]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 macmnsvc; C:\Program Files\McAfee\Agent\macmnsvc.exe [241456 2019-07-11] (McAfee, Inc. -> McAfee LLC.)
R2 masvc; C:\Program Files\McAfee\Agent\masvc.exe [179552 2019-07-11] (McAfee, Inc. -> McAfee LLC.)
S2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [956760 2020-11-13] () [File not signed]
R3 McAfeeFramework; C:\Program Files\McAfee\Agent\x86\macompatsvc.exe [261640 2019-07-11] (McAfee, Inc. -> McAfee LLC.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R2 mfewc; C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\mfewc.exe [319792 2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-03] (Nero AG -> Nero AG)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393288 2021-05-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-05-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-05-13] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ggsomc; C:\WINDOWS\System32\drivers\ggsomc.sys [30424 2017-06-05] (Sony Mobile Communications AB -> Sony Mobile Communications)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [521648 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [379824 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R0 mfedisk; C:\WINDOWS\System32\DRIVERS\mfedisk.sys [107440 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85928 2020-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfeepmpk; C:\WINDOWS\System32\drivers\mfeepmpk.sys [226432 2020-10-14] (McAfee, Inc. -> McAfee, LLC.)
S3 MfeEpNfcp; C:\WINDOWS\System32\drivers\MfeEpNfcp.sys [93568 2021-05-04] (McAfee, Inc. -> McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [517040 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R3 mfehck; C:\WINDOWS\System32\drivers\mfehck.sys [89520 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [993712 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [563640 2020-10-14] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [107448 2020-10-14] (McAfee, Inc. -> McAfee LLC.)
R1 mfenlfk; C:\WINDOWS\system32\DRIVERS\mfenlfk.sys [82352 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116656 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252336 2020-10-14] (McAfee, Inc. -> McAfee, LLC)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [36600 2014-04-18] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-05-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [421088 2021-05-13] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-05-13] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-16 11:07 - 2021-05-16 11:07 - 000000000 ____D C:\Users\aaa\Desktop\siri will
2021-05-16 10:55 - 2021-05-16 11:00 - 000021178 _____ C:\Users\aaa\Desktop\FRST.txt
2021-05-16 10:55 - 2021-05-16 10:55 - 000000000 ____D C:\Users\aaa\Desktop\FRST-OlderVersion
2021-05-15 12:36 - 2021-05-15 12:36 - 000000000 ____D C:\Users\aaa\Desktop\Standa škola
2021-05-15 12:36 - 2021-05-15 12:36 - 000000000 ____D C:\Users\aaa\Desktop\MOJE OBCHODY
2021-05-13 17:09 - 2021-05-13 17:09 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000006-000000.txt
2021-05-13 09:52 - 2021-05-13 18:07 - 000000000 ____D C:\Users\aaa\Desktop\ROOM kopie
2021-05-12 20:27 - 2021-05-12 20:28 - 000000000 ____D C:\Users\aaa\Desktop\SESTŘÍHAT
2021-05-12 19:45 - 2021-05-12 19:45 - 004246377 _____ C:\Users\aaa\Desktop\eBook_ReportMetaTrader4_HQ.pdf
2021-05-12 15:10 - 2021-05-12 15:10 - 000001435 _____ C:\WINDOWS\system32\default_error_stack-000005-000000.txt
2021-05-12 14:28 - 2021-05-12 14:28 - 000001311 _____ C:\Users\aaa\Desktop\Země nomádů oscar 2021(2020)Cz.Titulky – zástupce.lnk
2021-05-12 10:51 - 2021-05-12 10:51 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-10 17:42 - 2021-05-10 09:56 - 000000043 _____ C:\Users\aaa\Desktop\TTW SLOVENSKO.txt
2021-05-09 21:12 - 2021-05-09 21:12 - 000012052 _____ C:\Users\aaa\Desktop\Obchodní deník ADAM.xlsx
2021-05-09 20:28 - 2021-05-12 13:28 - 000000000 ____D C:\Users\aaa\Desktop\HODAN OBCHODY
2021-05-09 12:18 - 2021-05-09 12:18 - 000001285 _____ C:\Users\aaa\Desktop\České fotbalové legendy_ Karel Poborský – zástupce.lnk
2021-05-08 12:22 - 2021-05-08 12:22 - 000000000 ____D C:\Users\aaa\Desktop\Safe telefon
2021-05-07 18:52 - 2021-05-07 18:52 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000004-000000.txt
2021-05-07 18:08 - 2021-05-07 20:47 - 000000000 ____D C:\Users\aaa\Desktop\Bee Gees
2021-05-06 14:07 - 2021-05-06 14:12 - 000000000 ____D C:\AdwCleaner
2021-05-06 11:21 - 2021-05-06 11:21 - 008534696 _____ (Malwarebytes) C:\Users\aaa\Desktop\adwcleaner_8.2.exe
2021-05-05 20:56 - 2021-05-16 10:58 - 000000000 ____D C:\FRST
2021-05-05 20:44 - 2021-05-16 10:55 - 002299392 _____ (Farbar) C:\Users\aaa\Desktop\FRST64.exe
2021-05-05 19:30 - 2021-05-05 19:30 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-05 19:30 - 2021-05-05 19:30 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-05-05 19:30 - 2021-05-05 19:30 - 000153600 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2021-05-05 19:29 - 2021-05-05 19:29 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-05 19:29 - 2021-05-05 19:29 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-05 19:29 - 2021-05-05 19:29 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-05 19:29 - 2021-05-05 19:29 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-05 19:28 - 2021-05-05 19:28 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-05 19:27 - 2021-05-05 19:27 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-05 19:27 - 2021-05-05 19:27 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-05 19:27 - 2021-05-05 19:27 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-05 19:27 - 2021-05-05 19:27 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-05 19:26 - 2021-05-05 19:26 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-05 18:39 - 2021-05-05 18:40 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000003-000000.txt
2021-04-29 12:12 - 2021-04-29 12:12 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000002-000000.txt
2021-04-20 21:17 - 2021-04-20 21:17 - 000001458 _____ C:\Users\aaa\Desktop\Korelace Ondry – zástupce.lnk
2021-04-17 16:21 - 2021-04-17 16:21 - 000000892 _____ C:\Users\aaa\Desktop\MT 4 A ZÁLOHA – zástupce.lnk
2021-04-17 16:19 - 2021-04-17 16:19 - 000002042 _____ C:\Users\aaa\Desktop\AE91483A2C1AB18F5CE478007E23752E – zástupce.lnk
2021-04-17 16:07 - 2021-05-15 12:14 - 000000000 ____D C:\Program Files (x86)\Purple Trading MT4 A
2021-04-17 16:07 - 2021-04-17 16:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Purple Trading MT4 A

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-16 11:08 - 2016-12-02 22:53 - 000000000 ___RD C:\Users\aaa\OneDrive
2021-05-16 10:57 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-16 10:05 - 2020-10-15 23:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-05-16 08:46 - 2017-10-01 17:18 - 000000000 ____D C:\Program Files\CCleaner
2021-05-15 12:08 - 2020-11-16 21:01 - 000000000 ____D C:\Program Files (x86)\Purple Trading MT4
2021-05-15 12:04 - 2020-10-15 22:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-15 11:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-15 11:25 - 2018-02-06 15:10 - 000000000 ____D C:\Users\aaa\AppData\Roaming\Telegram Desktop
2021-05-15 11:18 - 2020-05-08 16:07 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-15 11:18 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-14 18:43 - 2017-07-30 17:41 - 000000000 ____D C:\Users\aaa\Desktop\Marie Tatrnová
2021-05-14 18:07 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-05-13 19:35 - 2020-10-15 23:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-13 19:35 - 2020-10-15 22:54 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-13 19:34 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-13 19:31 - 2017-08-22 19:52 - 000000000 ____D C:\Users\aaa\AppData\LocalLow\Temp
2021-05-13 17:27 - 2018-03-15 11:06 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-12 19:39 - 2017-08-02 13:16 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-05-12 15:13 - 2020-10-15 22:54 - 000442920 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-12 15:13 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-12 15:08 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-05-12 15:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-12 15:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-12 11:01 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-12 09:24 - 2016-12-03 00:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-12 09:07 - 2016-12-03 00:25 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-12 06:49 - 2019-07-30 23:28 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-10 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-05-07 20:55 - 2020-10-15 23:12 - 001693204 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-07 20:55 - 2019-12-07 16:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2021-05-07 20:55 - 2019-12-07 16:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2021-05-07 19:06 - 2018-01-30 01:30 - 000000000 ____D C:\Users\aaa\AppData\Local\Packages
2021-05-07 18:56 - 2017-08-11 21:45 - 000000000 ___RD C:\Users\aaa\Desktop\NÁSTROJE
2021-05-06 14:07 - 2017-09-13 21:59 - 000000000 ____D C:\Users\aaa\AppData\Local\Microsoft Help
2021-05-06 09:41 - 2020-10-15 23:45 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2905597249-1629462600-326273939-1001
2021-05-06 09:41 - 2020-10-15 22:59 - 000002400 _____ C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-05 22:23 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-05 22:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-05 22:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-05 22:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-05 22:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-05 22:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-05 22:08 - 2019-12-07 16:44 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-05 22:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-05 22:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-05 22:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-05 22:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-05 22:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-05 22:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-05 22:07 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-05 22:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-05 22:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-05 22:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-05 20:13 - 2019-12-07 16:47 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-05 19:49 - 2020-11-22 19:33 - 000000000 ____D C:\Users\aaa\AppData\Roaming\EpicPen
2021-05-04 09:39 - 2020-10-14 18:31 - 000093568 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\MfeEpNfcp.sys
2021-04-30 18:55 - 2018-11-25 23:40 - 000000000 ___HD C:\Users\aaa\Desktop\ACRCallsBackup
2021-04-27 16:27 - 2017-09-12 18:44 - 000000000 ____D C:\Users\aaa\AppData\Roaming\vlc
2021-04-26 09:42 - 2020-10-16 00:21 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6a337560a0dc6
2021-04-26 09:42 - 2020-10-15 23:45 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-21 21:11 - 2020-08-23 15:52 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-21 12:11 - 2018-03-25 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-04-21 12:11 - 2018-03-25 12:44 - 000000000 ____D C:\Program Files (x86)\Java
2021-04-21 12:09 - 2018-03-25 12:45 - 000164640 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2021-04-17 16:04 - 2019-04-28 18:38 - 000000000 ____D C:\Users\aaa\AppData\Roaming\MetaQuotes

==================== Files in the root of some directories ========

2019-05-28 11:03 - 2019-06-23 19:51 - 000004608 _____ () C:\Users\aaa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-09-13 21:20 - 2017-09-13 21:20 - 000000017 _____ () C:\Users\aaa\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05-2021
Ran by aaa (16-05-2021 11:09:58)
Running from C:\Users\aaa\Desktop
Windows 10 Pro Version 20H2 19042.985 (X64) (2020-10-15 21:47:23)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

aaa (S-1-5-21-2905597249-1629462600-326273939-1001 - Administrator - Enabled) => C:\Users\aaa
Administrator (S-1-5-21-2905597249-1629462600-326273939-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2905597249-1629462600-326273939-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2905597249-1629462600-326273939-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2905597249-1629462600-326273939-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2905597249-1629462600-326273939-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Endpoint Security (Enabled - Up to date) {A37DD4B2-BDFF-70DA-DE19-9F9927D6940F}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Endpoint Security (Enabled) {9B465597-F790-7182-F546-36ACD905D374}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 4.11 (HKLM-x32\...\{26CB5429-1141-40FC-A7AA-F13AC1458D10}) (Version: 4.11.3.3420 - Open Media LLC)
Admiral Markets MT5 (HKLM\...\Admiral Markets MT5) (Version: 5.00 - MetaQuotes Software Corp.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated)
Adobe Flash Player 9 ActiveX (HKLM-x32\...\{8E9DB7EF-5DD3-499E-BA2A-A1F3153A4DF8}) (Version: 9.0.115.0 - Adobe Systems, Inc.)
ANTSvc version 1.0.0.0 (HKLM-x32\...\ANTSvc_is1) (Version: 1.0.0.0 - ANTSvc)
CanoScan Toolbox Ver4.9 (HKLM-x32\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
Components Setup (HKLM-x32\...\{31187E06-E131-4709-9285-7D105D77AA89}) (Version: 1.00.0000 - Vimicro Corporation)
Discord (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Easy CD-DA Extractor 16 (HKLM-x32\...\Easy CD-DA Extractor 16) (Version: 16.0.9 - Poikosoft)
Epic Pen (HKLM-x32\...\Epic Pen_is1) (Version: v3.9.29.0 - TANK Studios LTD)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.16.0.19598 (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\GoToMeeting) (Version: 10.16.0.19598 - LogMeIn, Inc.)
IM Magician (HKLM-x32\...\{A5742726-2180-4253-83A7-53558486A7A2}) (Version: 1.00.0001 - Vimisoft Studio)
Intel(R) Computing Improvement Program (HKLM\...\{848F0123-CF5D-4192-90EC-A6574D8B1796}) (Version: 2.4.06522 - Intel Corporation)
IrfanView 4.52 (64-bit) (HKLM\...\IrfanView64) (Version: 4.52 - Irfan Skiljan)
Java 8 Update 291 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
McAfee Agent (HKLM\...\{F01CC7C9-9545-494A-9A8E-F52037F8BE8E}) (Version: 5.6.1.308 - McAfee, Inc.) Hidden
McAfee Agent (HKLM-x32\...\McAfeeAgent) (Version: 5.6.1.308 - McAfee, Inc.)
McAfee Data Exchange Layer for MA (HKLM\...\{FEE8AD9B-C4D7-4F07-89AC-88C28E2B8809}) (Version: 5.0.10249.0 - McAfee LLC) Hidden
McAfee Data Exchange Layer for MA (HKLM-x32\...\{a3f1e826-e1b0-460f-8113-6624beacab1b}) (Version: 5.0.1.249 - McAfee LLC) Hidden
McAfee Endpoint Security Adaptive Threat Protection (HKLM\...\{377DA1C7-79DE-4102-8DB7-5C2296A3E960}) (Version: 10.7.0 - McAfee, LLC.)
McAfee Endpoint Security Firewall (HKLM\...\{6F88C6E9-CAD0-4D03-99E1-161383F9AD6F}) (Version: 10.7.0 - McAfee, LLC.)
McAfee Endpoint Security Platform (HKLM\...\{B16DE18D-4D5D-45F8-92BD-8DC17225AFD8}) (Version: 10.7.0 - McAfee, LLC.)
McAfee Endpoint Security Threat Prevention (HKLM\...\{820D7600-089E-486B-860F-279B8119A893}) (Version: 10.7.0 - McAfee, LLC.)
McAfee Endpoint Security Web Control (HKLM\...\{5974413A-8D95-4D64-B9EE-40DF28186445}) (Version: 10.7.0 - McAfee, LLC.)
MediaInfo 18.05 (HKLM\...\MediaInfo) (Version: 18.05 - MediaArea.net)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.62 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Nero 8 (HKLM-x32\...\{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1029}) (Version: 8.0.182 - Nero AG)
NQuotes (HKLM-x32\...\NQuotes) (Version: 1.13 - Brainroom Ltd.)
oCam 버전 515.0 (HKLM-x32\...\oCam_is1) (Version: 515.0 - hxxp://ohsoft.net/)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Purple Trading MT4 (HKLM-x32\...\Purple Trading MT4 A) (Version: 4.00 - MetaQuotes Ltd.)
Purple Trading MT4 (HKLM-x32\...\Purple Trading MT4) (Version: 4.00 - MetaQuotes Software Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Slovník Verdict Free (a internetový překladač) (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\Verdict Free) (Version: - )
Sonic Foundry Sound Forge 6.0a (HKLM-x32\...\{6CDC68BB-C997-4ADC-9BA0-6293FB88521E}) (Version: 6.0.150 - Sonic Foundry)
Telegram Desktop version 2.7.4 (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.7.4 - Telegram FZ-LLC)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{C4BE7550-ECE1-417D-A787-01266DC1F5A6}) (Version: 1.22.0.0 - Microsoft Corporation) Hidden
Video Viewer (HKLM-x32\...\Video Viewer) (Version: 0.1.9.7 - AVTECH Corporation, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VSO Downloader 5.1.1.69 (HKLM-x32\...\{3C5CD638-CAD0-4F6C-81FD-B37D47B411F7}_is1) (Version: 5.1.1.69 - VSO Software)
VSO Image Resizer 1.3.4d (HKLM-x32\...\VSO Image Resizer_is1) (Version: 1.3.4d - VSO-Software)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.157 - McAfee, LLC)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{F92064F6-BDE8-46FC-A19F-4E12D311BE3A}) (Version: 1.0.30 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.0.1.1219 - Xilisoft)
YTD (pepak) (HKLM-x32\...\YTD_Pepak) (Version: - )
Zoom (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\ZoomUMX) (Version: 5.2.2 (45108.0831) - Zoom Video Communications, Inc.)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-01] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
McAfee Endpoint Security Web Control -> C:\Program Files\WindowsApps\5A894077.McAfeeEndpointSecurityWebControl_10.7.3.0_x86__wafk5atnkzcwy [2020-10-14] (McAfee Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-11] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.22101.0_x64__8wekyb3d8bbwe [2021-04-24] (Microsoft Studios)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-18] (Netflix, Inc.)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-26] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2905597249-1629462600-326273939-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\aaa\AppData\Local\GoToMeeting\19228\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2007-08-04] (Nero AG -> Nero AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2012-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ImageResizer] -> {C6193976-9333-4E73-96BA-7B21CA942187} => C:\Program Files (x86)\VSO\Image Resizer\RSZShell64.dll [2007-01-24] (VSO Software SARL) [File not signed]
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.MPG4] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.MP42] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-12-15 14:37 - 2020-12-15 14:37 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll
2020-12-15 14:37 - 2020-12-15 14:37 - 001950208 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2018-01-22 20:50 - 2010-09-26 21:31 - 000073728 ____R (Vimicro Corporation) [File not signed] C:\Program Files (x86)\Common Files\Vimisoft Studio\exvmuvc.ax
2018-01-22 20:50 - 2010-09-28 13:04 - 000081920 _____ (Vimicro Corporation) [File not signed] C:\Program Files (x86)\Common Files\Vimisoft Studio\VmicCommonIR.dll
2018-01-22 20:50 - 2010-06-21 16:56 - 000077824 _____ (VimiSoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\FlydCamCtrl.dll
2018-01-22 20:50 - 2010-09-28 14:43 - 000147456 _____ (Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\Plugins\immirrc.dll
2018-01-22 20:50 - 2010-06-21 16:56 - 000073728 _____ (VimiSoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\TiaDecFac.dll
2018-01-22 20:51 - 2010-06-10 16:10 - 000081920 _____ (VimiSoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vflydblapl.ax
2018-01-22 20:51 - 2010-05-18 18:23 - 000196608 _____ (Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vflydcam.ax

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee Endpoint Security Web Control (Browser Help Object) -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\x64\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\ssv.dll [2021-04-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee Endpoint Security Web Control (Browser Help Object) -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-04-21] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - McAfee Endpoint Security Web Control (Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\x64\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Toolbar: HKLM-x32 - McAfee Endpoint Security Web Control (Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\x64\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\x64\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\Endpoint Security\Web Control\McIEPlugin.dll [2019-10-15] (McAfee, Inc. -> McAfee, LLC.)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2020-01-23 10:01 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2905597249-1629462600-326273939-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "IMMON"
HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "EpicPen"
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\StartupApproved\StartupFolder: => "Telegram.lnk"
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{38F8858B-DD30-4CED-B6A4-9D8A849DE640}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{04101C78-00BA-4BA5-94A8-B4B3C1FC16B3}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{608C9E9E-AE0C-4A8A-B759-EB9423A21412}] => (Allow) C:\Users\aaa\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{1235A4DE-BEA2-402F-882B-6195C22AE353}C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe] => (Allow) C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe (VSO SOFTWARE -> VSO Software)
FirewallRules: [TCP Query User{FE2B040D-2F2D-4443-B2C0-5587EAB714FF}C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe] => (Allow) C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe (VSO SOFTWARE -> VSO Software)
FirewallRules: [UDP Query User{595DF0CA-5356-40B0-9D41-C79748FE4D29}C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe] => (Block) C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe (VSO SOFTWARE -> VSO Software)
FirewallRules: [TCP Query User{669FD538-0D37-4D05-A9AF-34F0AF9590EE}C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe] => (Block) C:\program files (x86)\vso\vso downloader\5\vsodownloader.exe (VSO SOFTWARE -> VSO Software)
FirewallRules: [{8473AAD1-96D9-4CDB-8F8F-BB181A3D29D5}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{917A3821-484C-4B61-8498-B89208B30163}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{43CC3079-FC02-4D11-8496-A0FA0795E7A4}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{26C8ABBB-C5E4-4EE4-B2DA-5879EA24EA5D}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{BF260DAD-8FD3-43DB-B554-170AAA390C3A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{41B55316-CCE3-4118-B69F-E04AC94C3D3B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{4F05A4CF-5509-4268-AFB5-EB40A5D085B5}] => (Allow) C:\Program Files\Admiral Markets MT5\metatester64.exe (MetaQuotes Ltd. -> MetaQuotes Ltd.)
FirewallRules: [{A3518309-723E-4FB4-BC64-103B9708AA00}] => (Allow) C:\Users\aaa\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C3E3B695-92AC-4FD9-964C-CCA5051F02CF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FEC2B40D-EB55-41D3-85C1-3AE600561D45}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F7F912BC-FB5B-45C8-A67D-3DF4671B80E9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C6847437-B74D-4F00-B801-3F5F89FE1E54}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C07B6C3C-A546-496B-8406-3A40DD561660}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{34F7FAC2-711E-451F-AB7A-7C9A074D9A56}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{B72E368E-EB1A-4A2E-AA28-9CA706034BAE}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{BE4D5273-D152-48A8-8286-0A3D43960B42}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{6603F3F9-089A-46CD-8193-E1D1F212F022}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

27-04-2021 17:16:32 Naplánovaný kontrolní bod
05-05-2021 18:25:09 Instalační služba modulů systému Windows
12-05-2021 09:37:14 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/16/2021 10:40:39 AM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\NEXTINSTANCE, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (05/16/2021 10:40:38 AM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\NEXTINSTANCE, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (05/16/2021 10:40:38 AM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\COUNT, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (05/16/2021 10:40:37 AM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\COUNT, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (05/16/2021 10:40:36 AM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\0, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (05/16/2021 10:40:36 AM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\0, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (05/16/2021 10:40:35 AM) (Source: McAfee Endpoint Security) (EventID: 3) (User: NT AUTHORITY)
Description: EventID=18060

NT AUTHORITY\SYSTEM ran System\System, which accessed HKLM\SYSTEM\CONTROLSET001\SERVICES\USBSTOR\ENUM\, violating the rule "USB Storage Device Inserted". Access was allowed because the rule wasn't configured to block.

Error: (05/15/2021 11:11:58 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-1JNUR2R)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.


System errors:
=============
Error: (05/14/2021 02:45:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Energy Server Service queencreek byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/13/2021 07:35:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee WebAdvisor neuspěla při spuštění v důsledku následující chyby:
Soubor nebo adresář je porušen a není čitelný.

Error: (05/13/2021 07:34:28 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby mfemms bylo dosaženo časového limitu (30000 ms).

Error: (05/13/2021 05:12:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee WebAdvisor neuspěla při spuštění v důsledku následující chyby:
Soubor nebo adresář je porušen a není čitelný.

Error: (05/13/2021 05:10:17 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby mfevtp bylo dosaženo časového limitu (30000 ms).

Error: (05/13/2021 05:09:47 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby mfemms bylo dosaženo časového limitu (30000 ms).

Error: (05/13/2021 05:09:16 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba User Energy Server Service queencreek byla ukončena s následující chybou:
Ovladač %2 vrátil neplatné číslo ID pro podřízené zařízení (%3).

Error: (05/13/2021 05:09:11 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Energy Server Service queencreek se po přijetí pokynu pro vypnutí neukončila správně.


Windows Defender:
================
Date: 2021-05-13 19:33:10
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CC5BF2F0-6C58-41EB-B15B-C1AF3682E491}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-05-13 19:19:57
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F0C00ED3-FC1E-4622-8BE4-95614116B225}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-05-13 19:15:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {778405FD-799D-4D16-9E11-2647B5755E59}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-05-13 19:09:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {48F4C0D2-F07E-46A2-A11B-21DC2D0D3686}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-05-13 18:52:46
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {56D905AC-7DEE-4F6C-974F-71D493E5AF9F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-13 21:29:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.333.160.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17900.7
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2020-11-13 17:03:04
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.325.1331.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17500.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2020-11-13 17:03:04
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.325.1331.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17500.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2020-11-13 17:03:04
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.325.1331.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17500.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2020-11-13 16:49:36
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.325.1331.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17500.4
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

CodeIntegrity:
===============
Date: 2021-05-16 08:52:10
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\McAfee\Endpoint Security\Threat Prevention\amcfg.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-05-16 08:44:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\Endpoint Security\Threat Prevention\MfeAmsiProvider.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: Award Software International, Inc. F4 02/06/2012
Motherboard: Gigabyte Technology Co., Ltd. H55M-D2H
Processor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz
Percentage of memory in use: 79%
Total physical RAM: 3767.49 MB
Available physical RAM: 758.13 MB
Total Virtual: 7863.49 MB
Available Virtual: 4037.73 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.51 GB) (Free:381.03 GB) NTFS
Drive d: () (Fixed) (Total:931.41 GB) (Free:372.71 GB) NTFS
Drive e: () (Removable) (Total:14.42 GB) (Free:5.8 GB) FAT32

\\?\Volume{f2781714-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{f2781714-0000-0000-0000-40c0e8000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 00084F14)
Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F2781714)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=519 MB) - (Type=27)

==========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 14.4 GB) (Disk ID: 1C14CDC9)
Partition 1: (Active) - (Size=14.4 GB) - (Type=0C)

==================== End of Addition.txt =======================

Re: please check my log

Posted: 16 May 2021 10:40
by Diallix
OK, final cleanup:

Copy the content below into Notepad:

Code:

Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
The fix will run; afterwards, paste here the content of the log fixlog.txt, which is saved in the FRST location.

Please report how the computer is doing.