VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu logu

https://forum.viry.cz:443/viewtopic.php?t=158094

Stránka 1 z 1

Prosím o kontrolu logu

Napsal: 21 kvě 2021 21:46
od Dominator
Dobrý den, prosím o kontrolu logů. NTB příšerně pomalý skoro na něm nelze pracovat.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05-2021
Ran by helen (administrator) on DESKTOP-CCEJ3K8 (Dell Inc. Inspiron 5567) (21-05-2021 22:39:35)
Running from C:\Users\helen\Desktop
Loaded Profiles: helen
Platform: Windows 10 Home Version 20H2 19042.985 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe#18E2EFCE8052C822
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe <2>
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [TrueColor UI] => C:\Program Files\TrueColor\TrueColorUI.exe [19638160 2016-12-28] (Entertainment Experience LLC -> Entertainment Experience)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [975744 2017-05-01] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-08-13] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [SearcherBar] => C:\WINDOWS\SysWOW64\mshta.exe [13312 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\helen\AppData\Local\Microsoft\Teams\Update.exe [2454184 2021-05-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\Run: [SnailDriver] => C:\Program Files (x86)\SnailSuite\SnailDriver\SnailLaunch.exe [814592 2016-09-17] (SnailDrivers) [File not signed]
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\MountPoints2: {8e361b08-792b-11eb-a643-bca8a6dcbb25} - "E:\WD SmartWare.exe" autoplay=true
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-11] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {096FFE9C-E073-4D56-A4D5-17B919A56DD5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114032 2021-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {1117EE2D-E3D0-44CC-BBE1-2E46D36E2EBF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {13D3CA01-842C-4ADD-9E6F-3B033AD48636} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd -> Piriform)
Task: {1480905E-B1C9-4B57-8E49-4AB52CD7FBBE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1C3CA52D-CDBB-4E70-9B99-8DB218268217} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [62752 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {373AA7E9-F660-4A96-B4E8-4A00CFFDD50E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {398D5520-D434-486F-9B19-F780BD37B747} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {3C5043DD-8893-4CD1-BC7B-7925960EF45C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1121152 2021-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {56B17EB2-29E0-4520-9ADF-705FBD950BBA} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [268576 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5BBB844E-39F6-41E5-9992-286C4B80D454} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {6669F19D-99A5-49BE-A0A0-ED1924906CCA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6BD37B09-CC5F-4B94-8135-5154270DD8BF} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {6FDAEE44-32D6-4BB9-BC73-ED380D146DA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-28] (Google LLC -> Google LLC)
Task: {727AA9B4-E04E-4DBF-993D-E1603E47C881} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114032 2021-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {8475EE3D-3C04-4743-8D3D-6DE9FFB01313} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {969B3B9F-1EBB-4323-A9C9-8ED9F0E18716} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-28] (Google LLC -> Google LLC)
Task: {B42B0538-FF11-4D3E-B3C9-2B9232E5AF73} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {CCA9C6E3-62B2-4BBA-A949-33ECD54802F1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DCFD5778-8C7A-4F80-AC7E-0187A2C0083C} - System32\Tasks\Opera scheduled Autoupdate 1621617730 => C:\Users\helen\AppData\Local\Programs\Opera\launcher.exe [2199704 2021-05-12] (Opera Software AS -> Opera Software)
Task: {FCC82AA3-C936-4838-8863-EB4077C4AC04} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{810721c0-fa75-4977-b035-551a3d3a9a5a}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\helen\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-21]
Edge HKLM-x32\...\Edge\Extension: [kajikgogckeajjplomldcempamhidmcc]

FireFox:
========
FF DefaultProfile: p8ml5zkk.default
FF ProfilePath: C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\p8ml5zkk.default [2020-11-02]
FF Extension: (IBM Security Rapport) - C:\Users\helen\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2020-11-10] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF ProfilePath: C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\82ctfknc.default-release [2021-05-14]
FF Extension: (AdBlock — best ad blocker) - C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\82ctfknc.default-release\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2020-11-20]
FF Extension: (IBM Security Rapport) - C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\82ctfknc.default-release\Extensions\rapportext@trusteer.com.xpi [2020-11-11] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-04-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default [2021-05-21]
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://www.edarling.cz; hxxps://www.facebook.com; hxxps://www.luxor.cz; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.google.cz/webhp?source=search_app&g ... 8weO9oCICw
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Extension: (Prezentace) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-10-28]
CHR Extension: (Dokumenty) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-10-28]
CHR Extension: (Disk Google) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-28]
CHR Extension: (IBM Security Rapport) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2021-02-18]
CHR Extension: (YouTube) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-10-28]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-19]
CHR Extension: (Tabulky) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-11]
CHR Extension: (Space) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\hifhddjdplehpbndiikdofeaopbimfmi [2020-10-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-24]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

Opera:
=======
OPR Profile: C:\Users\helen\AppData\Roaming\Opera Software\Opera Stable [2021-05-21]


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05-2021
Ran by helen (21-05-2021 22:36:33)
Running from C:\Users\helen\Desktop
Windows 10 Home Version 20H2 19042.985 (X64) (2020-12-22 14:43:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1911357360-3452808120-2699024319-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1911357360-3452808120-2699024319-503 - Limited - Disabled)
Guest (S-1-5-21-1911357360-3452808120-2699024319-501 - Limited - Disabled)
helen (S-1-5-21-1911357360-3452808120-2699024319-1001 - Administrator - Enabled) => C:\Users\helen
WDAGUtilityAccount (S-1-5-21-1911357360-3452808120-2699024319-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.5.2 - Advanced Micro Devices, Inc.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{8431b7d7-59d1-4f45-8212-a2eac049528f}) (Version: 19.60.0 - Intel Corporation)
Branding64 (HKLM\...\{871DA3E4-7743-4CDB-B95E-995DA5DA9B23}) (Version: 1.00.0004 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.78 - Piriform)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 2.0.6875.402 - PC-Doctor, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
Chrone Browser (HKLM-x32\...\Chrone Browser) (Version: 86.0.4240.198 - iStart)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2036.15.0.1835 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1004 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1943.2 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.61.251.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{69bc85f1-55f9-44f2-b5df-3840fe07854c}) (Version: 1.61.251.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000110-0210-1029-84C8-B8D95FA3C8C3}) (Version: 21.110.0.3 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel® Software Installer (HKLM-x32\...\{4a50fa17-2911-43ed-a2a1-d3a34411e2bb}) (Version: 21.110.2.1 - Intel Corporation) Hidden
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9177.0 - Waves Audio Ltd.) Hidden
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.13929.20386 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Název společnosti:)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.2004.84 - Trusteer)
Opera Stable 76.0.4017.123 (HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\Opera 76.0.4017.123) (Version: 76.0.4017.123 - Opera Software)
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.2004.84 - Trusteer) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8895.1 - Realtek Semiconductor Corp.)
Realtek PC Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.14393.11242 - Realtek Semiconductor Corp.)
SearcherBar (HKLM-x32\...\SearcherBar) (Version: 0.3 - ) <==== ATTENTION
SmartByte Drivers and Services (HKLM\...\{9668B1BB-D0FE-4C0C-800C-B1555E069A62}) (Version: 3.1.940 - Název společnosti:)
SnailDriver version 1.0.0.3 (HKLM-x32\...\{3189DA22-4E71-4794-9F3D-39A3DE0062DE}_is1) (Version: 1.0.0.3 - SnailSuite)
True Color (HKLM\...\{843D1B75-7A4E-4C8C-8348-BDF6C6EC3333}) (Version: 1.0.1.1 - Entertainment Experience LLC) Hidden
True Color (HKLM-x32\...\{c38d939e-31d4-44fa-a07a-d28915046b7d}) (Version: 7.9.0.0 - Entertainment Experience)
True Color XML Tables (HKLM\...\{EAE8B515-AC0E-46A8-AA41-CAD18E4094CD}) (Version: 7.10.0.0 - Entertainment Experience LLC) Hidden
TrueColorXMLTables (HKLM-x32\...\{bf377b78-c440-4ce9-a962-2fde04e6d4cd}) (Version: 7.10.0.0 - Entertainment Experience)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.177 - McAfee, LLC)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-12-27] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_127.1.115.0_x64__v10z8vjag6ke6 [2021-05-12] (HP Inc.)
Media Suite Essentials for Dell -> C:\Program Files\WindowsApps\db6ea5db.mediasuiteessentialsfordell_2.6.4028.0_x86__mcezb6ze687jp [2020-10-28] (CYBERLINK CORPORATION.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-12] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-10-28] (Netflix, Inc.)
Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell_14.2.3224.0_x86__mcezb6ze687jp [2021-03-08] (CYBERLINK CORPORATION.)
Power2Go for Dell -> C:\Program Files\WindowsApps\db6ea5db.power2gofordell_11.0.3920.0_x86__mcezb6ze687jp [2020-10-28] (CYBERLINK CORPORATION.) [Startup Task]
PowerDirector for Dell -> C:\Program Files\WindowsApps\db6ea5db.powerdirectorfordell_15.0.4409.0_x64__mcezb6ze687jp [2020-10-28] (CYBERLINK CORPORATION.)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.971.0_x64__rh07ty8m5nkag [2021-05-17] (Rivet Networks LLC)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2020-10-28] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1911357360-3452808120-2699024319-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-05-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxDTCM.dll [2020-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-07-18 16:27 - 2018-07-18 16:27 - 000747520 _____ () [File not signed] C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 001441792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000735232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000120832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000051712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 001085440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000480256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5RemoteObjects.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000262144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000284160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000136704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000091648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-1911357360-3452808120-2699024319-1001 -> DefaultScope {B45287CD-5758-4DF0-BBDB-FA55FA8410E5} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-04-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-12-18] (McAfee, LLC -> McAfee, LLC)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-12-18] (McAfee, LLC -> McAfee, LLC)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-18] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2017-03-18 23:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\helen\Desktop\Helen\fotky\IMG_20180529_134842.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\StartupApproved\Run: => "SnailDriver"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D2D8420F-8133-48A0-816D-E2C5A22BCD4D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{7758BC82-DA89-4397-96FD-B94C956383EE}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{392676CE-5B65-40E3-9A0F-1289C7D57E6A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3DA300A6-DEBC-42F6-BC35-F977BB8329A4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B85A59F3-77C5-4172-BE9D-A6994C0720A5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A67BD598-88A4-4874-A561-54A5F8BF48CE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CCD4163A-EA7A-422A-B169-4F2B705E8AD7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{98A93CD0-21D5-42A4-B52F-2BB45FE687EC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5DC8D434-3C5A-45F4-86AB-70A69E9F7F66}] => (Allow) C:\Users\helen\AppData\Local\Temp\DriverPack-20210521191155\tools\aria2c.exe () [File not signed]
FirewallRules: [{069992CF-0543-424B-BF51-7A2A47FB7559}] => (Allow) C:\Users\helen\AppData\Local\Programs\Opera\64.0.3417.73\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{D69BF1AD-FE52-4335-A022-A0BE3DE23265}] => (Allow) C:\Users\helen\AppData\Roaming\DRPSu\Alice\cloud.exe => No File
FirewallRules: [{18050115-626F-4DA8-889A-E1D692993215}] => (Allow) C:\Users\helen\AppData\Local\Programs\Opera\76.0.4017.123_0\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

21-05-2021 17:46:14 AMDCleanupUtility Restore Point
21-05-2021 21:38:55 AdwCleaner_BeforeCleaning_21/05/2021_21:38:55
21-05-2021 22:11:54 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/21/2021 09:40:41 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/21/2021 09:40:41 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/21/2021 09:40:41 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/21/2021 09:40:40 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/21/2021 09:40:40 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/21/2021 09:40:40 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/21/2021 09:40:40 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/21/2021 09:40:40 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4


System errors:
=============
Error: (05/21/2021 09:41:11 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CCEJ3K8)
Description: Server {7160A13D-73DA-4CEA-95B9-37356478588A} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/21/2021 09:40:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Rivet AP Selector Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/21/2021 09:40:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SmartByte Analytics Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/21/2021 09:40:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Razer Wizard Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/21/2021 09:40:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Event Log byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/21/2021 09:40:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/21/2021 09:40:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba ##ID_STRING86## byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 300 milisekund: Restartovat službu.

Error: (05/21/2021 09:40:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


Windows Defender:
================
Date: 2021-05-21 22:28:09
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Phonzy.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\helen\Desktop\filmy\FRST.exe; webfile:_C:\Users\helen\Desktop\filmy\FRST.exe|https://download.bleepingcomputer.com/d ... 4886946956
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: DESKTOP-CCEJ3K8\helen
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.339.1178.0, AS: 1.339.1178.0, NIS: 1.339.1178.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-21 22:27:49
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Phonzy.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\helen\Desktop\FRST.exe; webfile:_C:\Users\helen\Desktop\FRST.exe|https://download.bleepingcomputer.com/d ... 4679758296
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: DESKTOP-CCEJ3K8\helen
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.339.1178.0, AS: 1.339.1178.0, NIS: 1.339.1178.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-21 22:10:14
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Phonzy.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\helen\Desktop\FRST.exe; webfile:_C:\Users\helen\Desktop\FRST.exe|https://download.bleepingcomputer.com/d ... 4127603958
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: DESKTOP-CCEJ3K8\helen
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.339.1178.0, AS: 1.339.1178.0, NIS: 1.339.1178.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-21 22:09:39
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Phonzy.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\helen\Desktop\FRST.exe; webfile:_C:\Users\helen\Desktop\FRST.exe|https://download.bleepingcomputer.com/d ... 3774169815
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: DESKTOP-CCEJ3K8\helen
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.339.1178.0, AS: 1.339.1178.0, NIS: 1.339.1178.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-21 22:08:08
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Program:Win32/Wacapew.C!ml
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\helen\Desktop\FRST64.exe; webfile:_C:\Users\helen\Desktop\FRST64.exe|https://download.bleepingcomputer.com/d ... 2851061308
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: DESKTOP-CCEJ3K8\helen
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.339.1178.0, AS: 1.339.1178.0, NIS: 1.339.1178.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-14 21:22:08
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.339.537.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2021-05-13 17:18:31
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.339.486.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-05-07 09:01:51
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.339.61.0
Předchozí verze bezpečnostních informací: 1.337.661.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-05-07 09:01:51
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.339.61.0
Předchozí verze bezpečnostních informací: 1.337.661.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-05-07 09:01:51
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: Dell Inc. 1.3.1 10/05/2020
Motherboard: Dell Inc. 0C6XG5
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 53%
Total physical RAM: 8090.5 MB
Available physical RAM: 3802.19 MB
Total Virtual: 11162.5 MB
Available Virtual: 5900.02 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:914.56 GB) (Free:833.19 GB) NTFS

\\?\Volume{8f23e1a0-654d-4a77-b7ad-6fed692c9b5c}\ (WINRETOOLS) (Fixed) (Total:0.79 GB) (Free:0.39 GB) NTFS
\\?\Volume{8ae861fd-f73d-40b7-945d-889735320419}\ (Image) (Fixed) (Total:13.36 GB) (Free:0.12 GB) NTFS
\\?\Volume{b3ce438a-2986-4c7b-bb18-44c9501e20c3}\ () (Fixed) (Total:1.12 GB) (Free:0.56 GB) NTFS
\\?\Volume{3ba28014-12b5-4a5b-ed52-46c4f65441b1}\ (DELLSUPPORT) (Fixed) (Total:1.06 GB) (Free:1.04 GB) NTFS
\\?\Volume{e1e36ce6-d7ba-4f2a-a585-a6fb65db55a1}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.42 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7BF277CB)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Prosím o kontrolu logu

Napsal: 23 kvě 2021 10:34
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Prosím o kontrolu logu

Napsal: 23 kvě 2021 12:56
od Dominator
Dobrý den, adwcleanerem jsem to právě projel už v pátek, tak přikládám i log z prvního scanu + ten dnešní (první v pořadí).
Ještě doplňuji, že po tom prvním čištění co jsem dělal sám, je to dost lepší, ale pořád se mi to nezdá OK.
NTB někdy zamrzne i na půl minuty, když se nic neděje a využítí CPU na 100% s procesem "Systémové přerušení".
Četl jsem, že to můžou dělat ovladače, tak jsem všechny co jsem našel zaktualizoval, ale jak říkám furt se mi to uplně nezdá. Předem díky.

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-05-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-23-2021
# Duration: 00:00:09
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted youndoo

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3268 octets] - [21/05/2021 21:38:22]
AdwCleaner[C00].txt - [3537 octets] - [21/05/2021 21:41:27]
AdwCleaner[S01].txt - [1534 octets] - [23/05/2021 13:46:41]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########





# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-05-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-21-2021
# Duration: 00:00:45
# OS: Windows 10 Home
# Cleaned: 21
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Public\Documents\Downloaded Installers
Deleted C:\Users\helen\AppData\Roaming\DRPSu

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\drp.su
Deleted HKCU\Software\drpsu
Deleted HKLM\Software\Wow6432Node\drpsu

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted youndoo

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.DellHelp&Support Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\DELL HELP & SUPPORT
Deleted Preinstalled.DellQuickset Folder C:\Program Files\DELL\QUICKSET
Deleted Preinstalled.DellQuickset Folder C:\ProgramData\DELL\QUICKSET
Deleted Preinstalled.DellQuickset Registry HKLM\Software\Classes\CLSID\{5CF37A65-BBB9-41FE-B88D-DD61422E9E3C}
Deleted Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|QuickSet
Deleted Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|QuickSet
Deleted Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{87CF757E-C1F1-4D22-865C-00C6950B5258}
Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SAREMEDIATION\PLUGIN
Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\SUPPORTASSIST
Deleted Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATE
Deleted Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\UPDATE
Deleted Preinstalled.SmartByte Folder C:\Program Files\RIVET NETWORKS
Deleted Preinstalled.SmartByte Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1DD6245-7E5C-44C4-8891-6F87310E6DAB}
Deleted Preinstalled.SmartByte Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartByte Telemetry
Deleted Preinstalled.SmartByte Task C:\Windows\System32\Tasks\SMARTBYTE TELEMETRY


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3268 octets] - [21/05/2021 21:38:22]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Prosím o kontrolu logu

Napsal: 23 kvě 2021 15:45
od Rudy
Dejte nové logy FRST+Addition.

Re: Prosím o kontrolu logu

Napsal: 23 kvě 2021 18:42
od Dominator
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-05-2021
Ran by helen (administrator) on DESKTOP-CCEJ3K8 (Dell Inc. Inspiron 5567) (23-05-2021 19:27:45)
Running from C:\Users\helen\Desktop
Loaded Profiles: helen
Platform: Windows 10 Home Version 20H2 19042.985 (X64) Language: Čeština (Česko)
Default browser not detected!
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366969.inf_amd64_011e273f4453e6ec\B367342\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366969.inf_amd64_011e273f4453e6ec\B367342\atiesrxx.exe
(Entertainment Experience LLC -> ) C:\Program Files\TrueColor\TrueColorALS.exe
(Entertainment Experience LLC -> Entertainment Experience) C:\Program Files\TrueColor\TrueColorUI.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe <2>
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxext.exe <2>
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_fc9ac11e55f51133\RstMwService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [TrueColor UI] => C:\Program Files\TrueColor\TrueColorUI.exe [19638160 2016-12-28] (Entertainment Experience LLC -> Entertainment Experience)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [975744 2017-05-01] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-08-13] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33698888 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\helen\AppData\Local\Microsoft\Teams\Update.exe [2454184 2021-05-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\MountPoints2: {8e361b08-792b-11eb-a643-bca8a6dcbb25} - "E:\WD SmartWare.exe" autoplay=true
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-11] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {096FFE9C-E073-4D56-A4D5-17B919A56DD5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114032 2021-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {1117EE2D-E3D0-44CC-BBE1-2E46D36E2EBF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1480905E-B1C9-4B57-8E49-4AB52CD7FBBE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28082760 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1C3CA52D-CDBB-4E70-9B99-8DB218268217} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [62752 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {373AA7E9-F660-4A96-B4E8-4A00CFFDD50E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {3A6C5144-8B43-4675-95CA-7F563FAD30C5} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {3C5043DD-8893-4CD1-BC7B-7925960EF45C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1121152 2021-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {48DA47BB-ACD3-48F2-98AE-47C3BF5F8549} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-04-22] (Piriform Software Ltd -> Piriform)
Task: {56B17EB2-29E0-4520-9ADF-705FBD950BBA} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [268576 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5BBB844E-39F6-41E5-9992-286C4B80D454} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {6669F19D-99A5-49BE-A0A0-ED1924906CCA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6BD37B09-CC5F-4B94-8135-5154270DD8BF} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {6BEB5B84-8016-475E-8B07-D3D425D5E307} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {6FDAEE44-32D6-4BB9-BC73-ED380D146DA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-28] (Google LLC -> Google LLC)
Task: {727AA9B4-E04E-4DBF-993D-E1603E47C881} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114032 2021-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {8475EE3D-3C04-4743-8D3D-6DE9FFB01313} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {969B3B9F-1EBB-4323-A9C9-8ED9F0E18716} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-28] (Google LLC -> Google LLC)
Task: {CCA9C6E3-62B2-4BBA-A949-33ECD54802F1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DCFD5778-8C7A-4F80-AC7E-0187A2C0083C} - System32\Tasks\Opera scheduled Autoupdate 1621617730 => C:\Users\helen\AppData\Local\Programs\Opera\launcher.exe
Task: {FCC82AA3-C936-4838-8863-EB4077C4AC04} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{810721c0-fa75-4977-b035-551a3d3a9a5a}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\helen\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-23]
Edge HKLM-x32\...\Edge\Extension: [kajikgogckeajjplomldcempamhidmcc]

FireFox:
========
FF DefaultProfile: p8ml5zkk.default
FF ProfilePath: C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\p8ml5zkk.default [2020-11-02]
FF Extension: (IBM Security Rapport) - C:\Users\helen\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2020-11-10] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF ProfilePath: C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\82ctfknc.default-release [2021-05-23]
FF Extension: (AdBlock — best ad blocker) - C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\82ctfknc.default-release\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2020-11-20]
FF Extension: (IBM Security Rapport) - C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\82ctfknc.default-release\Extensions\rapportext@trusteer.com.xpi [2020-11-11] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-04-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default [2021-05-23]
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://www.edarling.cz; hxxps://www.facebook.com; hxxps://www.luxor.cz; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.google.cz/webhp?source=search_app&g ... 8weO9oCICw
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Extension: (Prezentace) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-10-28]
CHR Extension: (Dokumenty) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-10-28]
CHR Extension: (Disk Google) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-28]
CHR Extension: (IBM Security Rapport) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2021-02-18]
CHR Extension: (YouTube) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-10-28]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-19]
CHR Extension: (Tabulky) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-11]
CHR Extension: (Space) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\hifhddjdplehpbndiikdofeaopbimfmi [2020-10-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-24]
CHR HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8798600 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [3008896 2020-08-18] (IBM -> IBM Corp.)
R2 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [376272 2016-05-23] (Razer USA Ltd. -> Razer Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14283048 2021-04-29] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TrueColorALS; C:\Program Files\TrueColor\TrueColorALS.exe [93072 2016-12-12] (Entertainment Experience LLC -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_8e2568524f674315\amdsafd.sys [100768 2021-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [27896 2021-05-19] (WDKTestCert Amit_K_Tiwari,132158070448517957 -> )
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32568 2017-07-27] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [226560 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\System32\drivers\hw_cdcacm.sys [127360 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 MpKsl4b000416; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5096F5A4-EDC2-40CB-B037-CAFC87B6C9D1}\MpKslDrv.sys [107744 2021-05-23] (Microsoft Windows -> Microsoft Corporation)
S1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [450240 2020-08-18] (IBM -> IBM Corp.)
S1 RapportCerberus_2004080; c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_2004080.sys [1460480 2020-11-11] (IBM -> IBM Corp.)
S1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [546056 2020-08-18] (IBM -> IBM Corp.)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [398984 2020-08-18] (IBM -> IBM Corp.)
R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [448904 2020-08-18] (IBM -> IBM Corp.)
S1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [564928 2020-08-18] (IBM -> IBM Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-15] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-23 19:27 - 2021-05-23 19:29 - 000021380 _____ C:\Users\helen\Desktop\FRST.txt
2021-05-23 19:26 - 2021-05-23 19:26 - 002299904 _____ (Farbar) C:\Users\helen\Desktop\FRST64.exe
2021-05-23 19:16 - 2021-05-23 19:16 - 000000018 _____ C:\Users\helen\Desktop\Nový textový dokument.txt
2021-05-23 19:14 - 2021-05-23 19:14 - 002012160 _____ (Farbar) C:\Users\helen\Desktop\FRST.exe
2021-05-23 19:05 - 2021-05-23 19:11 - 000000000 ____D C:\Users\helen\AppData\Local\TeamViewer
2021-05-23 19:04 - 2021-05-23 19:04 - 000000895 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2021-05-23 19:04 - 2021-05-23 19:04 - 000000883 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2021-05-23 19:04 - 2021-05-23 19:04 - 000000000 ____D C:\Users\helen\AppData\Roaming\TeamViewer
2021-05-23 19:03 - 2021-05-23 19:18 - 000000000 ____D C:\Program Files\TeamViewer
2021-05-23 19:02 - 2021-05-23 19:02 - 032159600 _____ (TeamViewer Germany GmbH) C:\Users\helen\Desktop\TeamViewer_Setup_x64.exe
2021-05-23 16:30 - 2021-05-23 16:30 - 000003126 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2021-05-23 16:30 - 2021-05-23 16:30 - 000003078 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-05-23 14:39 - 2021-05-23 14:39 - 000002089 _____ C:\Users\helen\Desktop\zaloha.cfg
2021-05-23 13:43 - 2021-05-23 13:43 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-05-22 09:21 - 2021-05-22 09:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-05-21 22:32 - 2021-05-23 19:28 - 000000000 ____D C:\FRST
2021-05-21 22:11 - 2021-05-21 22:11 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\helen\Desktop\rkill.exe
2021-05-21 22:11 - 2021-05-21 22:11 - 001790024 _____ (Malwarebytes) C:\Users\helen\Desktop\JRT.exe
2021-05-21 22:10 - 2021-05-21 22:10 - 005659583 _____ (Swearware) C:\Users\helen\Desktop\ComboFix.exe
2021-05-21 21:37 - 2021-05-21 21:40 - 000000000 ____D C:\AdwCleaner
2021-05-21 20:22 - 2021-05-21 20:22 - 000004210 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1621617730
2021-05-21 20:12 - 2021-05-21 20:12 - 000000000 _____ C:\WINDOWS\SysWOW64\d3dx11_42.dll
2021-05-21 20:10 - 1987-12-19 23:00 - 003404288 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\system32\libcrypto-1_1-x64.dll
2021-05-21 20:10 - 1987-12-19 23:00 - 000722192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Vb40032.dll
2021-05-21 20:10 - 1987-12-19 23:00 - 000682496 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\system32\libssl-1_1-x64.dll
2021-05-21 20:10 - 1987-12-19 23:00 - 000466520 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2021-05-21 20:10 - 1987-12-19 23:00 - 000445016 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2021-05-21 20:10 - 1987-12-19 23:00 - 000123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2021-05-21 20:09 - 1987-12-19 23:00 - 000276992 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\ssleay32.dll
2021-05-21 20:09 - 1987-12-19 23:00 - 000222360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tabctl32.ocx
2021-05-21 20:09 - 1987-12-19 23:00 - 000219288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\richtx32.ocx
2021-05-21 20:09 - 1987-12-19 23:00 - 000210944 _____ C:\WINDOWS\SysWOW64\msvcrt10.dll
2021-05-21 20:09 - 1987-12-19 23:00 - 000127640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswinsck.ocx
2021-05-21 20:09 - 1987-12-19 23:00 - 000109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2021-05-21 20:09 - 1987-12-19 23:00 - 000104088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\picclp32.ocx
2021-05-21 20:09 - 1987-12-19 23:00 - 000084624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysinfo.ocx
2021-05-21 20:08 - 1987-12-19 23:00 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2021-05-21 20:08 - 1987-12-19 23:00 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll
2021-05-21 20:07 - 1987-12-19 23:00 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2021-05-21 20:07 - 1987-12-19 23:00 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVCP70.DLL
2021-05-21 20:06 - 1987-12-19 23:00 - 001355776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvbvm50.dll
2021-05-21 20:06 - 1987-12-19 23:00 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvci70.dll
2021-05-21 20:05 - 1987-12-19 23:00 - 001070232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomctl.ocx
2021-05-21 20:05 - 1987-12-19 23:00 - 001054208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71u.dll
2021-05-21 20:05 - 1987-12-19 23:00 - 000660120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomct2.ocx
2021-05-21 20:05 - 1987-12-19 23:00 - 000444328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MShflxgd.ocx
2021-05-21 20:05 - 1987-12-19 23:00 - 000279192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdatgrd.ocx
2021-05-21 20:05 - 1987-12-19 23:00 - 000259736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msflxgrd.ocx
2021-05-21 20:05 - 1987-12-19 23:00 - 000253080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdatlst.ocx
2021-05-21 20:05 - 1987-12-19 23:00 - 000179352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmask32.ocx
2021-05-21 20:05 - 1987-12-19 23:00 - 000131728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinet.ocx
2021-05-21 20:05 - 1987-12-19 23:00 - 000119960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomm32.ocx
2021-05-21 20:04 - 1987-12-19 23:00 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71KOR.DLL
2021-05-21 20:04 - 1987-12-19 23:00 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71JPN.DLL
2021-05-21 20:03 - 1987-12-19 23:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ITA.DLL
2021-05-21 20:03 - 1987-12-19 23:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71FRA.DLL
2021-05-21 20:03 - 1987-12-19 23:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ESP.DLL
2021-05-21 20:02 - 1987-12-19 23:00 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71DEU.DLL
2021-05-21 20:02 - 1987-12-19 23:00 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ENU.DLL
2021-05-21 20:01 - 1987-12-19 23:00 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71.dll
2021-05-21 20:01 - 1987-12-19 23:00 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHT.DLL
2021-05-21 20:01 - 1987-12-19 23:00 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHS.DLL
2021-05-21 20:00 - 1987-12-19 23:00 - 001017344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70u.dll
2021-05-21 20:00 - 1987-12-19 23:00 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70kor.dll
2021-05-21 19:59 - 1987-12-19 23:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70ita.dll
2021-05-21 19:59 - 1987-12-19 23:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70fra.dll
2021-05-21 19:59 - 1987-12-19 23:00 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70jpn.dll
2021-05-21 19:58 - 1987-12-19 23:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70esp.dll
2021-05-21 19:58 - 1987-12-19 23:00 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70enu.dll
2021-05-21 19:57 - 1987-12-19 23:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70deu.dll
2021-05-21 19:57 - 1987-12-19 23:00 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70cht.dll
2021-05-21 19:57 - 1987-12-19 23:00 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70chs.dll
2021-05-21 19:56 - 1987-12-19 23:00 - 002516992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\SysWOW64\libcrypto-1_1.dll
2021-05-21 19:56 - 1987-12-19 23:00 - 001276928 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\libeay32.dll
2021-05-21 19:56 - 1987-12-19 23:00 - 001024000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70.dll
2021-05-21 19:56 - 1987-12-19 23:00 - 000617896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.ocx
2021-05-21 19:56 - 1987-12-19 23:00 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\SysWOW64\libssl-1_1.dll
2021-05-21 19:56 - 1987-12-19 23:00 - 000416408 _____ (Microsoft Corporation ) C:\WINDOWS\SysWOW64\comct332.ocx
2021-05-21 19:56 - 1987-12-19 23:00 - 000218776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dblist32.ocx
2021-05-21 19:56 - 1987-12-19 23:00 - 000212112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mci32.ocx
2021-05-21 19:56 - 1987-12-19 23:00 - 000170920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comct232.ocx
2021-05-21 19:56 - 1987-12-19 23:00 - 000163480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.ocx
2021-05-21 19:56 - 1987-12-19 23:00 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
2021-05-21 19:55 - 1987-12-19 23:00 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl70.dll
2021-05-21 19:23 - 2021-05-23 15:48 - 000000000 ____D C:\Users\helen\AppData\Local\Opera Software
2021-05-21 19:21 - 2021-05-22 07:50 - 000000000 ____D C:\Chrone
2021-05-21 19:21 - 2021-05-21 19:21 - 000000000 ____D C:\Users\helen\AppData\Roaming\Opera Software
2021-05-21 19:20 - 2021-05-21 19:20 - 000000000 ____D C:\Users\helen\.cache
2021-05-21 18:57 - 2021-05-21 18:57 - 000000000 ____D C:\Users\helen\AppData\Roaming\Dell
2021-05-21 18:36 - 2021-05-21 18:36 - 000000000 ____D C:\Users\helen\AppData\Local\OO Software
2021-05-21 18:33 - 2021-05-21 18:34 - 001403760 _____ (O&O Software GmbH) C:\Users\helen\Desktop\OOSU10.exe
2021-05-21 18:18 - 2021-05-22 09:34 - 000000000 ____D C:\Users\helen\AppData\Local\CrashDumps
2021-05-21 18:17 - 2021-05-21 18:17 - 000000000 ____D C:\Users\defaultuser100000\AppData\Local\D3DSCache
2021-05-21 18:16 - 2021-05-21 18:17 - 000000000 ____D C:\Users\defaultuser100000\AppData\Local\AMD
2021-05-21 18:16 - 2021-05-21 18:16 - 000000000 ____D C:\Users\defaultuser100000\AppData\LocalLow\Intel
2021-05-21 18:15 - 2021-05-21 18:17 - 000000000 ____D C:\Users\defaultuser100000\AppData\Local\Packages
2021-05-21 18:15 - 2021-05-21 18:15 - 000000000 ____D C:\Users\defaultuser100000\AppData\Local\VirtualStore
2021-05-21 18:14 - 2021-05-21 18:15 - 000000000 ____D C:\Users\defaultuser100000\AppData\Local\Intel
2021-05-21 18:14 - 2021-05-21 18:15 - 000000000 ____D C:\Users\defaultuser100000\AppData\Local\ConnectedDevicesPlatform
2021-05-21 18:14 - 2021-05-21 18:14 - 000000020 ___SH C:\Users\defaultuser100000\ntuser.ini
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 _SHDL C:\Users\defaultuser100000\Šablony
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 _SHDL C:\Users\defaultuser100000\Soubory cookie
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 _SHDL C:\Users\defaultuser100000\Poslední
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 _SHDL C:\Users\defaultuser100000\Okolní tiskárny
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 _SHDL C:\Users\defaultuser100000\Okolní síť
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 _SHDL C:\Users\defaultuser100000\Nabídka Start
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 _SHDL C:\Users\defaultuser100000\Dokumenty
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 _SHDL C:\Users\defaultuser100000\Documents\Obrázky
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 _SHDL C:\Users\defaultuser100000\Documents\Hudba
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 _SHDL C:\Users\defaultuser100000\Documents\Filmy
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 _SHDL C:\Users\defaultuser100000\Data aplikací
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 _SHDL C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 _SHDL C:\Users\defaultuser100000\AppData\Local\Data aplikací
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 __SHD C:\Users\defaultuser100000\IntelGraphicsProfiles
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 ____D C:\Users\defaultuser100000\AppData\Roaming\Intel
2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 ____D C:\Users\defaultuser100000
2021-05-21 18:14 - 2020-11-30 18:19 - 000000000 ____D C:\Users\defaultuser100000\AppData\Roaming\Intel Corporation
2021-05-21 18:14 - 2020-11-11 22:57 - 000000000 ____D C:\Users\defaultuser100000\AppData\Roaming\Mozilla
2021-05-21 18:14 - 2020-11-11 22:55 - 000000000 ____D C:\Users\defaultuser100000\AppData\Local\Trusteer
2021-05-21 18:14 - 2020-06-20 08:15 - 000000000 ___RD C:\Users\defaultuser100000\OneDrive
2021-05-21 18:14 - 2019-12-07 11:10 - 000001105 _____ C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-21 18:09 - 2021-05-21 18:09 - 000003488 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2021-05-21 18:09 - 2021-05-21 18:09 - 000003080 _____ C:\WINDOWS\system32\Tasks\StartDVR
2021-05-21 18:09 - 2021-05-21 18:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Link For Windows
2021-05-21 18:09 - 2021-05-21 18:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2021-05-21 18:08 - 2021-05-21 18:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2021-05-21 18:07 - 2021-05-21 18:08 - 000003160 _____ C:\WINDOWS\system32\Tasks\StartCN
2021-05-21 18:01 - 2021-05-21 18:16 - 000000000 ____D C:\ProgramData\AMD
2021-05-21 18:01 - 2021-05-21 18:05 - 000000000 ____D C:\Program Files\AMD
2021-05-21 18:01 - 2021-05-11 09:18 - 002261136 _____ (AMD Inc.) C:\WINDOWS\SysWOW64\AMDBugReportTool.exe
2021-05-21 17:54 - 2021-05-21 17:54 - 000000000 ____D C:\WINDOWS\Panther
2021-05-21 17:45 - 2021-05-17 03:19 - 001857856 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-05-21 17:45 - 2021-05-17 03:19 - 001857856 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-05-21 17:45 - 2021-05-17 03:19 - 001438536 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-05-21 17:45 - 2021-05-17 03:19 - 001438536 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-05-21 17:45 - 2021-05-17 03:19 - 001093736 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-05-21 17:45 - 2021-05-17 03:19 - 001093736 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-05-21 17:45 - 2021-05-17 03:19 - 000946904 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-05-21 17:45 - 2021-05-17 03:19 - 000946904 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-05-21 17:45 - 2021-05-17 03:19 - 000736576 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2021-05-21 17:45 - 2021-05-17 03:19 - 000620864 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2021-05-21 17:45 - 2021-05-17 03:19 - 000046400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2021-05-21 17:45 - 2021-05-17 03:19 - 000043328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000496448 _____ C:\WINDOWS\system32\GameManager64.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000492864 _____ C:\WINDOWS\system32\dgtrayicon.exe
2021-05-21 17:45 - 2021-05-17 03:18 - 000432448 _____ C:\WINDOWS\system32\EEURestart.exe
2021-05-21 17:45 - 2021-05-17 03:18 - 000379712 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000346432 _____ C:\WINDOWS\system32\clinfo.exe
2021-05-21 17:45 - 2021-05-17 03:18 - 000245056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000212808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000186688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000166712 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000166224 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000166208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000156480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000142144 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000140600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000090432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000075072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000019880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2021-05-21 17:45 - 2021-05-17 03:18 - 000019880 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 081573696 _____ C:\WINDOWS\system32\amd_comgr.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 067153744 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 005800768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 005520200 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 001748816 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 001535312 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiacm64.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 001331536 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 001331536 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 000821056 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2021-05-21 17:45 - 2021-05-17 03:17 - 000468304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 000455992 _____ C:\WINDOWS\system32\atieah64.exe
2021-05-21 17:45 - 2021-05-17 03:17 - 000351552 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2021-05-21 17:45 - 2021-05-17 03:17 - 000182096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 000158360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 000135504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 000125264 _____ C:\WINDOWS\system32\atidxx64.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 000115528 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 000107328 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2021-05-21 17:45 - 2021-05-17 03:17 - 000069952 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 072481616 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 001685728 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 001365080 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 000940880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 000768336 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 000546872 _____ C:\WINDOWS\system32\amdmiracast.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 000489272 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 000466256 _____ C:\WINDOWS\system32\amdlogum.exe
2021-05-21 17:45 - 2021-05-17 03:16 - 000379704 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 000202144 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 000169696 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 000130336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 000130336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 000108352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2021-05-21 17:45 - 2021-05-17 03:16 - 000108352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2021-05-21 17:45 - 2021-05-17 03:15 - 000136000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2021-05-21 17:45 - 2021-05-17 03:15 - 000120344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2021-05-21 17:45 - 2021-05-11 09:01 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2021-05-21 17:45 - 2021-05-11 09:01 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2021-05-21 17:45 - 2021-05-11 08:59 - 000204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat
2021-05-21 17:45 - 2021-05-11 08:59 - 000204952 _____ C:\WINDOWS\system32\ativvsvl.dat
2021-05-21 17:45 - 2021-05-11 08:59 - 000157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat
2021-05-21 17:45 - 2021-05-11 08:59 - 000157144 _____ C:\WINDOWS\system32\ativvsva.dat
2021-05-21 17:45 - 2021-05-11 08:55 - 059164696 _____ C:\WINDOWS\system32\amdxc64.so
2021-05-21 17:45 - 2021-05-11 07:53 - 000558136 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2021-05-21 17:45 - 2021-05-11 07:53 - 000558136 _____ C:\WINDOWS\system32\atiapfxx.blb
2021-05-21 17:45 - 2021-04-30 15:53 - 000517536 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdfendrsr.exe
2021-05-21 17:45 - 2021-04-30 15:53 - 000117448 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdfendr.sys
2021-05-21 17:45 - 2020-12-08 22:15 - 000128048 _____ C:\WINDOWS\system32\kapp_ci.sbin
2021-05-21 17:45 - 2020-12-02 08:56 - 000012344 _____ C:\WINDOWS\system32\brandingRSX.bmp
2021-05-21 17:45 - 2020-10-22 06:36 - 000012344 _____ C:\WINDOWS\system32\brandingWS_RSX.bmp
2021-05-21 17:45 - 2020-08-05 09:50 - 000011014 _____ C:\WINDOWS\system32\atiacmLocalisation.ini
2021-05-21 17:45 - 2020-07-27 09:41 - 000062056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdxe.sys
2021-05-21 17:45 - 2020-07-17 20:29 - 000076237 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2021-05-21 17:45 - 2020-05-22 17:23 - 000000822 _____ C:\WINDOWS\system32\branding.bmp
2021-05-21 17:45 - 2019-01-12 00:27 - 000121168 _____ C:\WINDOWS\system32\kapp_si.sbin
2021-05-21 17:45 - 2016-09-02 17:24 - 000154384 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin
2021-05-21 17:45 - 2013-12-12 15:53 - 000138832 _____ C:\WINDOWS\system32\samu_krnl_isv_ci.sbin
2021-05-21 17:42 - 2021-05-21 17:42 - 000000000 ____D C:\Users\helen\AppData\Roaming\ATI
2021-05-21 17:41 - 2021-05-21 17:41 - 000000000 ____D C:\Users\helen\AppData\Local\RadeonInstaller
2021-05-21 17:41 - 2021-05-21 17:41 - 000000000 ____D C:\Users\helen\AppData\Local\AMD_Common
2021-05-21 17:38 - 2021-05-21 17:38 - 000000000 ____D C:\Users\helen\AppData\Local\mbam
2021-05-21 17:30 - 2021-05-21 17:30 - 000000000 ____D C:\Users\helen\AppData\Local\CrashRpt
2021-05-21 17:29 - 2021-05-21 17:29 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-05-21 17:21 - 2021-05-21 17:22 - 000388608 _____ (Trend Micro Inc.) C:\Users\helen\Desktop\HijackThis.exe
2021-05-20 18:50 - 2021-05-20 18:50 - 000002561 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-05-20 18:50 - 2021-05-20 18:50 - 000002555 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-05-20 18:50 - 2021-05-20 18:50 - 000002532 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-05-20 18:50 - 2021-05-20 18:50 - 000002527 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-05-20 18:50 - 2021-05-20 18:50 - 000002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-05-20 18:50 - 2021-05-20 18:50 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-05-20 18:50 - 2021-05-20 18:50 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-05-20 18:50 - 2021-05-20 18:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2021-05-19 17:24 - 2021-05-19 17:24 - 000027896 _____ C:\WINDOWS\system32\Drivers\DBUtilDrv2.sys
2021-05-15 08:32 - 2021-05-15 08:32 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-05-14 21:25 - 2021-05-14 21:25 - 000000000 ____D C:\Users\helen\Desktop\2021-05-14 omluvenka
2021-05-13 17:44 - 2021-05-13 17:44 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1911357360-3452808120-2699024319-1001
2021-05-13 17:43 - 2021-05-13 17:43 - 000002367 _____ C:\Users\helen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-12 21:28 - 2021-05-12 21:28 - 000258096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-12 10:56 - 2021-05-12 10:56 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-12 10:56 - 2021-05-12 10:56 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-12 10:56 - 2021-05-12 10:56 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-12 10:56 - 2021-05-12 10:56 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-12 10:55 - 2021-05-12 10:55 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-12 10:55 - 2021-05-12 10:55 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-12 10:55 - 2021-05-12 10:55 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-12 10:55 - 2021-05-12 10:55 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-12 10:55 - 2021-05-12 10:55 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-12 10:55 - 2021-05-12 10:55 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-12 10:54 - 2021-05-12 10:54 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-12 10:54 - 2021-05-12 10:54 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-07 11:53 - 2021-05-07 11:56 - 000000000 ____D C:\ProgramData\Intel Package Cache {1CEAC85D-2590-4760-800F-8DE5E91F3700}
2021-05-04 21:32 - 2021-05-04 21:40 - 000000000 ____D C:\Users\helen\Desktop\cesta PH
2021-05-04 16:41 - 2021-03-12 17:05 - 001034104 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorAC.sys
2021-05-04 16:41 - 2021-03-12 17:05 - 000024952 _____ C:\WINDOWS\system32\RstMwEventLogMsg.dll
2021-05-04 16:36 - 2021-04-18 23:08 - 001149432 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2021-05-04 16:13 - 2021-02-18 21:31 - 009916312 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2021-05-04 16:13 - 2021-02-18 21:31 - 000453560 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsUer.sys
2021-04-27 19:51 - 2021-05-23 14:41 - 107216896 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-04-25 10:06 - 2021-04-25 10:06 - 000000000 ____D C:\Users\helen\Desktop\NJ
2021-04-23 16:54 - 2021-04-23 16:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-23 19:23 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-23 18:59 - 2020-12-22 15:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-23 17:21 - 2021-03-16 20:37 - 000015840 _____ C:\Users\helen\Desktop\Fenologické pozorování.ods
2021-05-23 16:26 - 2018-05-02 19:17 - 000000000 __SHD C:\Users\helen\IntelGraphicsProfiles
2021-05-23 14:48 - 2020-11-20 23:40 - 000000000 ____D C:\Program Files\CCleaner
2021-05-23 14:42 - 2020-12-22 16:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-23 14:42 - 2020-12-22 15:55 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-23 14:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-05-23 14:42 - 2017-09-28 22:14 - 000000000 ____D C:\Intel
2021-05-23 14:41 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-23 13:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-23 13:43 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-22 17:38 - 2020-10-28 13:16 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-22 17:38 - 2020-10-28 13:16 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-05-22 17:38 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-22 11:43 - 2020-10-28 16:12 - 000000000 ____D C:\Users\helen\AppData\Local\Packages
2021-05-22 07:16 - 2020-10-28 16:12 - 000000000 ____D C:\Users\helen\AppData\Local\VirtualStore
2021-05-21 22:31 - 2021-03-01 18:25 - 000000000 ____D C:\filmy
2021-05-21 22:00 - 2020-10-28 16:16 - 000000000 ____D C:\Users\helen\AppData\Local\D3DSCache
2021-05-21 21:41 - 2017-09-28 22:17 - 000000000 ____D C:\ProgramData\Dell
2021-05-21 21:41 - 2017-09-28 22:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2021-05-21 21:41 - 2017-09-28 22:10 - 000000000 ____D C:\Program Files\Dell
2021-05-21 20:17 - 2020-10-28 12:59 - 000000000 ____D C:\ProgramData\Package Cache
2021-05-21 20:12 - 2020-12-22 16:08 - 000000000 ____D C:\Users\helen
2021-05-21 19:08 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-05-21 18:19 - 2020-10-28 16:21 - 000000000 ____D C:\Users\helen\AppData\Local\cache
2021-05-21 18:18 - 2020-10-28 16:15 - 000000000 ____D C:\Users\helen\AppData\Local\AMD
2021-05-21 18:08 - 2020-10-28 12:59 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-05-21 17:51 - 2018-06-12 22:46 - 000000000 ____D C:\AMD
2021-05-21 15:55 - 2021-03-14 22:02 - 000000000 ____D C:\Users\helen\AppData\Roaming\Waves Audio
2021-05-20 18:50 - 2020-09-12 19:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-05-20 18:49 - 2017-09-28 22:43 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-05-19 21:30 - 2020-09-06 14:14 - 000000000 ____D C:\Users\helen\Desktop\SLŠ Žlutice
2021-05-15 08:35 - 2020-10-28 13:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-14 21:26 - 2019-11-12 19:24 - 000000000 ____D C:\Users\helen\AppData\LocalLow\Mozilla
2021-05-14 21:04 - 2020-12-22 16:21 - 002575540 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-14 21:04 - 2020-12-22 14:30 - 000733960 _____ C:\WINDOWS\system32\perfh007.dat
2021-05-14 21:04 - 2020-12-22 14:30 - 000150344 _____ C:\WINDOWS\system32\perfc007.dat
2021-05-14 21:04 - 2019-12-07 16:41 - 000719496 _____ C:\WINDOWS\system32\perfh005.dat
2021-05-14 21:04 - 2019-12-07 16:41 - 000145622 _____ C:\WINDOWS\system32\perfc005.dat
2021-05-14 20:48 - 2020-01-16 20:01 - 000000000 ____D C:\Users\helen\Desktop\fotky
2021-05-14 20:47 - 2019-03-20 21:08 - 000000000 ___RD C:\Users\helen\Desktop\Helen
2021-05-13 17:43 - 2018-05-02 19:25 - 000000000 ___RD C:\Users\helen\OneDrive
2021-05-12 21:37 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-12 21:24 - 2020-12-22 14:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2021-05-12 21:24 - 2020-12-22 14:18 - 000000000 ____D C:\WINDOWS\en-GB
2021-05-12 21:24 - 2019-12-07 16:42 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-12 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-12 11:07 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-12 09:55 - 2020-10-30 18:55 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-12 09:51 - 2020-10-30 18:54 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-11 07:28 - 2020-10-28 16:50 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-11 07:28 - 2020-10-28 16:50 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-07 11:55 - 2020-10-28 12:58 - 000000000 ____D C:\ProgramData\Intel
2021-05-07 11:53 - 2020-10-28 12:58 - 000000000 ____D C:\Program Files\Intel
2021-05-05 14:20 - 2017-09-28 22:10 - 000000000 ____D C:\ProgramData\PCDr
2021-05-05 10:22 - 2018-05-04 21:54 - 000000000 ___RD C:\Users\helen\Desktop\dokumenty
2021-04-27 19:51 - 2021-02-24 22:22 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2021-04-26 16:32 - 2021-01-20 18:55 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6d86da316bc61
2021-04-26 16:32 - 2020-12-22 16:41 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-23 21:30 - 2018-09-14 20:58 - 000000000 ___RD C:\Users\helen\Documents\Scanned Documents
2021-04-23 16:33 - 2020-11-17 11:41 - 000000000 ____D C:\Users\helen\Desktop\Holý

==================== FCheck ================================

(If an entry is included in the fixlist, the file/folder will be moved.)

FCheck: C:\WINDOWS\SysWOW64\d3dx11_42.dll [2021-05-21] <==== ATTENTION (zero byte File/Folder)

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-05-2021
Ran by helen (23-05-2021 19:30:23)
Running from C:\Users\helen\Desktop
Windows 10 Home Version 20H2 19042.985 (X64) (2020-12-22 14:43:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1911357360-3452808120-2699024319-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1911357360-3452808120-2699024319-503 - Limited - Disabled)
Guest (S-1-5-21-1911357360-3452808120-2699024319-501 - Limited - Disabled)
helen (S-1-5-21-1911357360-3452808120-2699024319-1001 - Administrator - Enabled) => C:\Users\helen
WDAGUtilityAccount (S-1-5-21-1911357360-3452808120-2699024319-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.5.2 - Advanced Micro Devices, Inc.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{8431b7d7-59d1-4f45-8212-a2eac049528f}) (Version: 19.60.0 - Intel Corporation)
Branding64 (HKLM\...\{871DA3E4-7743-4CDB-B95E-995DA5DA9B23}) (Version: 1.00.0004 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.79 - Piriform)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 2.0.6875.402 - PC-Doctor, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2036.15.0.1835 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1004 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1943.2 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.61.251.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{69bc85f1-55f9-44f2-b5df-3840fe07854c}) (Version: 1.61.251.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000110-0210-1029-84C8-B8D95FA3C8C3}) (Version: 21.110.0.3 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel® Software Installer (HKLM-x32\...\{4a50fa17-2911-43ed-a2a1-d3a34411e2bb}) (Version: 21.110.2.1 - Intel Corporation) Hidden
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9177.0 - Waves Audio Ltd.) Hidden
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.13929.20386 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.66 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 90.0.818.66 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Název společnosti:)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.2004.84 - Trusteer)
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.2004.84 - Trusteer) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8895.1 - Realtek Semiconductor Corp.)
Realtek PC Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.14393.11242 - Realtek Semiconductor Corp.)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.17.7 - TeamViewer)
True Color (HKLM\...\{843D1B75-7A4E-4C8C-8348-BDF6C6EC3333}) (Version: 1.0.1.1 - Entertainment Experience LLC) Hidden
True Color (HKLM-x32\...\{c38d939e-31d4-44fa-a07a-d28915046b7d}) (Version: 7.9.0.0 - Entertainment Experience)
True Color XML Tables (HKLM\...\{EAE8B515-AC0E-46A8-AA41-CAD18E4094CD}) (Version: 7.10.0.0 - Entertainment Experience LLC) Hidden
TrueColorXMLTables (HKLM-x32\...\{bf377b78-c440-4ce9-a962-2fde04e6d4cd}) (Version: 7.10.0.0 - Entertainment Experience)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-12-27] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_127.1.115.0_x64__v10z8vjag6ke6 [2021-05-12] (HP Inc.)
Media Suite Essentials for Dell -> C:\Program Files\WindowsApps\db6ea5db.mediasuiteessentialsfordell_2.6.4028.0_x86__mcezb6ze687jp [2020-10-28] (CYBERLINK CORPORATION.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-12] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-10-28] (Netflix, Inc.)
Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell_14.2.3224.0_x86__mcezb6ze687jp [2021-03-08] (CYBERLINK CORPORATION.)
Power2Go for Dell -> C:\Program Files\WindowsApps\db6ea5db.power2gofordell_11.0.3920.0_x86__mcezb6ze687jp [2020-10-28] (CYBERLINK CORPORATION.) [Startup Task]
PowerDirector for Dell -> C:\Program Files\WindowsApps\db6ea5db.powerdirectorfordell_15.0.4409.0_x64__mcezb6ze687jp [2020-10-28] (CYBERLINK CORPORATION.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2020-10-28] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1911357360-3452808120-2699024319-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-05-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af02201d084badde\igfxDTCM.dll [2020-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-07-18 16:27 - 2018-07-18 16:27 - 000747520 _____ () [File not signed] C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 001441792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000735232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000120832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000051712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 001085440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000480256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5RemoteObjects.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000262144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000284160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000136704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-08-17 11:48 - 2020-08-17 11:48 - 000091648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-1911357360-3452808120-2699024319-1001 -> DefaultScope {B45287CD-5758-4DF0-BBDB-FA55FA8410E5} URL =
SearchScopes: HKU\S-1-5-21-1911357360-3452808120-2699024319-1001 -> {B45287CD-5758-4DF0-BBDB-FA55FA8410E5} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-04-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-18] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2017-03-18 23:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\helen\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\5542778-vypravny_spiralovita_galaxie_spiral_galaxy_ngc_5643.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7758BC82-DA89-4397-96FD-B94C956383EE}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{392676CE-5B65-40E3-9A0F-1289C7D57E6A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3DA300A6-DEBC-42F6-BC35-F977BB8329A4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B85A59F3-77C5-4172-BE9D-A6994C0720A5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A67BD598-88A4-4874-A561-54A5F8BF48CE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CCD4163A-EA7A-422A-B169-4F2B705E8AD7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{98A93CD0-21D5-42A4-B52F-2BB45FE687EC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5DC8D434-3C5A-45F4-86AB-70A69E9F7F66}] => (Allow) C:\Users\helen\AppData\Local\Temp\DriverPack-20210521191155\tools\aria2c.exe () [File not signed]
FirewallRules: [{069992CF-0543-424B-BF51-7A2A47FB7559}] => (Allow) C:\Users\helen\AppData\Local\Programs\Opera\64.0.3417.73\opera.exe => No File
FirewallRules: [{18050115-626F-4DA8-889A-E1D692993215}] => (Allow) C:\Users\helen\AppData\Local\Programs\Opera\76.0.4017.123_0\opera.exe => No File
FirewallRules: [{6FD38925-5D95-4309-BD0A-FA13A55CD391}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B586F1EE-047F-4C88-BD3C-B9D0998C2295}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0CDC31E0-83E8-4778-A223-2BD56B42B3BB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1BD457F6-659B-4A9A-A663-A3B18495A264}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F3DA4B5F-A5DF-41DC-B8FD-E248A8547BA4}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

==================== Restore Points =========================

21-05-2021 17:46:14 AMDCleanupUtility Restore Point
21-05-2021 21:38:55 AdwCleaner_BeforeCleaning_21/05/2021_21:38:55
21-05-2021 22:11:54 JRT Pre-Junkware Removal
22-05-2021 07:51:46 Removed SmartByte Drivers and Services.
22-05-2021 11:34:30 Removed SmartByte Drivers and Services.
22-05-2021 11:38:23 Removed SmartByte Drivers and Services.
23-05-2021 14:32:37 O&O ShutUp10

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/23/2021 07:32:36 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/23/2021 07:32:36 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/23/2021 07:32:36 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/23/2021 07:32:36 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/23/2021 07:32:36 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/23/2021 07:32:36 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/23/2021 07:32:36 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (05/23/2021 07:32:36 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4


System errors:
=============
Error: (05/23/2021 02:41:14 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter04.dll

Error: (05/23/2021 02:41:14 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter04.dll

Error: (05/23/2021 02:41:10 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter04.dll

Error: (05/23/2021 01:48:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Zero Configuration Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/23/2021 01:48:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/23/2021 01:48:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Razer Wizard Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/23/2021 01:48:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Registry Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/23/2021 01:48:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba TrueColorALS byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2021-05-23 19:13:43
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\helen\Desktop\FRST.exe; webfile:_C:\Users\helen\Desktop\FRST.exe|https://download.bleepingcomputer.com/d ... 6224393405
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: DESKTOP-CCEJ3K8\helen
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.339.1261.0, AS: 1.339.1261.0, NIS: 1.339.1261.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-23 19:13:26
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\helen\Desktop\FRST.exe; webfile:_C:\Users\helen\Desktop\FRST.exe|https://download.bleepingcomputer.com/d ... 6047847088
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: DESKTOP-CCEJ3K8\helen
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.339.1261.0, AS: 1.339.1261.0, NIS: 1.339.1261.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-21 22:28:09
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Phonzy.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\helen\Desktop\filmy\FRST.exe; webfile:_C:\Users\helen\Desktop\filmy\FRST.exe|https://download.bleepingcomputer.com/d ... 4886946956
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: DESKTOP-CCEJ3K8\helen
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.339.1178.0, AS: 1.339.1178.0, NIS: 1.339.1178.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-21 22:27:49
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Phonzy.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\helen\Desktop\FRST.exe; webfile:_C:\Users\helen\Desktop\FRST.exe|https://download.bleepingcomputer.com/d ... 4679758296
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: DESKTOP-CCEJ3K8\helen
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.339.1178.0, AS: 1.339.1178.0, NIS: 1.339.1178.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-21 22:10:14
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Phonzy.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\helen\Desktop\FRST.exe; webfile:_C:\Users\helen\Desktop\FRST.exe|https://download.bleepingcomputer.com/d ... 4127603958
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: DESKTOP-CCEJ3K8\helen
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.339.1178.0, AS: 1.339.1178.0, NIS: 1.339.1178.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-14 21:22:08
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.339.537.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2021-05-13 17:18:31
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.339.486.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-05-07 09:01:51
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.339.61.0
Předchozí verze bezpečnostních informací: 1.337.661.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-05-07 09:01:51
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.339.61.0
Předchozí verze bezpečnostních informací: 1.337.661.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-05-07 09:01:51
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: Dell Inc. 1.3.1 10/05/2020
Motherboard: Dell Inc. 0C6XG5
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 52%
Total physical RAM: 8090.5 MB
Available physical RAM: 3832.74 MB
Total Virtual: 11162.5 MB
Available Virtual: 5454 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:914.56 GB) (Free:828.35 GB) NTFS

\\?\Volume{8f23e1a0-654d-4a77-b7ad-6fed692c9b5c}\ (WINRETOOLS) (Fixed) (Total:0.79 GB) (Free:0.39 GB) NTFS
\\?\Volume{8ae861fd-f73d-40b7-945d-889735320419}\ (Image) (Fixed) (Total:13.36 GB) (Free:0.12 GB) NTFS
\\?\Volume{b3ce438a-2986-4c7b-bb18-44c9501e20c3}\ () (Fixed) (Total:1.12 GB) (Free:0.56 GB) NTFS
\\?\Volume{3ba28014-12b5-4a5b-ed52-46c4f65441b1}\ (DELLSUPPORT) (Fixed) (Total:1.06 GB) (Free:1.04 GB) NTFS
\\?\Volume{e1e36ce6-d7ba-4f2a-a585-a6fb65db55a1}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.42 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7BF277CB)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Prosím o kontrolu logu

Napsal: 23 kvě 2021 19:01
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\MountPoints2: {8e361b08-792b-11eb-a643-bca8a6dcbb25} - "E:\WD SmartWare.exe" autoplay=true
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-11] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {6FDAEE44-32D6-4BB9-BC73-ED380D146DA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-28] (Google LLC -> Google LLC)
Task: {969B3B9F-1EBB-4323-A9C9-8ED9F0E18716} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-28] (Google LLC -> Google LLC)
FCheck: C:\WINDOWS\SysWOW64\d3dx11_42.dll [2021-05-21] <==== ATTENTION
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKU\S-1-5-21-1911357360-3452808120-2699024319-1001 -> DefaultScope {B45287CD-5758-4DF0-BBDB-FA55FA8410E5} URL =
SearchScopes: HKU\S-1-5-21-1911357360-3452808120-2699024319-1001 -> {B45287CD-5758-4DF0-BBDB-FA55FA8410E5} URL =
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
FirewallRules: [{069992CF-0543-424B-BF51-7A2A47FB7559}] => (Allow) C:\Users\helen\AppData\Local\Programs\Opera\64.0.3417.73\opera.exe => No File
FirewallRules: [{18050115-626F-4DA8-889A-E1D692993215}] => (Allow) C:\Users\helen\AppData\Local\Programs\Opera\76.0.4017.123_0\opera.exe => No File

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Prosím o kontrolu logu

Napsal: 24 kvě 2021 15:19
od Dominator
Fix result of Farbar Recovery Scan Tool (x64) Version: 24-05-2021
Ran by helen (24-05-2021 16:12:22) Run:1
Running from C:\Users\helen\Desktop
Loaded Profiles: helen &
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\...\MountPoints2: {8e361b08-792b-11eb-a643-bca8a6dcbb25} - "E:\WD SmartWare.exe" autoplay=true
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-11] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {6FDAEE44-32D6-4BB9-BC73-ED380D146DA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-28] (Google LLC -> Google LLC)
Task: {969B3B9F-1EBB-4323-A9C9-8ED9F0E18716} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-28] (Google LLC -> Google LLC)
FCheck: C:\WINDOWS\SysWOW64\d3dx11_42.dll [2021-05-21] <==== ATTENTION
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKU\S-1-5-21-1911357360-3452808120-2699024319-1001 -> DefaultScope {B45287CD-5758-4DF0-BBDB-FA55FA8410E5} URL =
SearchScopes: HKU\S-1-5-21-1911357360-3452808120-2699024319-1001 -> {B45287CD-5758-4DF0-BBDB-FA55FA8410E5} URL =
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
FirewallRules: [{069992CF-0543-424B-BF51-7A2A47FB7559}] => (Allow) C:\Users\helen\AppData\Local\Programs\Opera\64.0.3417.73\opera.exe => No File
FirewallRules: [{18050115-626F-4DA8-889A-E1D692993215}] => (Allow) C:\Users\helen\AppData\Local\Programs\Opera\76.0.4017.123_0\opera.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8e361b08-792b-11eb-a643-bca8a6dcbb25} => removed successfully
HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Edge => removed successfully
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\SOFTWARE\Policies\Microsoft\Edge => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6FDAEE44-32D6-4BB9-BC73-ED380D146DA5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6FDAEE44-32D6-4BB9-BC73-ED380D146DA5}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{969B3B9F-1EBB-4323-A9C9-8ED9F0E18716}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{969B3B9F-1EBB-4323-A9C9-8ED9F0E18716}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
C:\WINDOWS\SysWOW64\d3dx11_42.dll => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-1911357360-3452808120-2699024319-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B45287CD-5758-4DF0-BBDB-FA55FA8410E5} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{069992CF-0543-424B-BF51-7A2A47FB7559}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{18050115-626F-4DA8-889A-E1D692993215}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 12083200 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22206598 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 15424510 B
Edge => 0 B
Chrome => 446058370 B
Firefox => 9870817 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 4709250 B
systemprofile32 => 4709250 B
LocalService => 4709250 B
NetworkService => 25966326 B
helen => 662142088 B
defaultuser100000 => 662148744 B

RecycleBin => 17239 B
EmptyTemp: => 1.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:13:26 ====

Re: Prosím o kontrolu logu

Napsal: 24 kvě 2021 17:53
od Rudy
Smazáno. Nastala nějaká změna?

Re: Prosím o kontrolu logu

Napsal: 24 kvě 2021 18:50
od Dominator
Ano je to mnohem lepší. Děkuji

Re: Prosím o kontrolu logu

Napsal: 24 kvě 2021 18:54
od Rudy
Nemáte zač! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz