VIRY.CZ
https://forum.viry.cz:443/

nejde se zbavit Ad-Aware SecureSearch
https://forum.viry.cz:443/viewtopic.php?f=13&t=155958
Stránka 1 z 2

Autor:  pasik68 [ 19 kvě 2019 08:19 ]
Předmět příspěvku:  nejde se zbavit Ad-Aware SecureSearch

Dobrý den,
při otevření nového okna v prohlížeči Firefox mi vyskakuje Ad-Aware SecureSearch.
V seznamu aplikací a funkcí ho nemohu nalézt. Prosím i o preventivní kontrolu.
Děkuji za pomoc.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-05.2019
Ran by RSlos (administrator) on RADOVAN (Gigabyte Technology Co., Ltd. P55-US3L) (19-05-2019 09:05:28)
Running from D:\Downloads
Loaded Profiles: RSlos (Available Profiles: RSlos)
Platform: Windows 10 Home Version 1809 17763.503 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1903.21.0_x64__8wekyb3d8bbwe\Calculator.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(American Power Conversion -> Schneider Electric) D:\Programs\APC\PowerChute Personal Edition\dataserv.exe
(American Power Conversion -> Schneider Electric) D:\Programs\APC\PowerChute Personal Edition\mainserv.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Geek Software GmbH -> Geek Software GmbH) D:\Programs\PDF24\pdf24.exe
(Geek Software GmbH -> Geek Software GmbH) D:\Programs\PDF24\pdf24.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\NisSrv.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11904.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SystemSettingsAdminFlows.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.503_none_7e5131134cd5bd73\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Piriform Software Ltd -> Piriform Software Ltd) D:\Programs\CCleaner\CCleaner64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM-x32\...\Run: [PDFPrint] => D:\Programs\PDF24\pdf24.exe [433800 2018-09-17] (Geek Software GmbH -> Geek Software GmbH)
HKLM-x32\...\Run: [VirtualCloneDrive] => D:\Programs\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Display] => D:\Programs\APC\PowerChute Personal Edition\DataCollectionLauncher.exe [284024 2012-01-24] (American Power Conversion -> Schneider Electric)
HKU\S-1-5-21-1484243458-1922150109-371872183-1001\...\Run: [CCleaner Smart Cleaning] => D:\Programs\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1484243458-1922150109-371872183-1001\...\Run: [Zoner Photo Studio Autoupdate] => D:\PROGRAMS\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software, a.s. -> ZONER software)
HKLM\...\Drivers32: [vidc.mjpg] => pvmjpgx40.dll
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32-x32: [vidc.pDAD] => prodad-codec.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2018-12-22]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk [2019-02-10]
ShortcutTarget: APC UPS Status.lnk -> D:\Programs\APC\PowerChute Personal Edition\Display.exe (American Power Conversion -> Schneider Electric)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06029402-0706-4D85-88DE-69F5AF37CE34} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-14] (Adobe Inc. -> Adobe)
Task: {06942B43-7FE1-4B8D-B366-D6F421DBC237} - System32\Tasks\GarminUpdaterTask => D:\Garmin\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
Task: {14B5252D-4C67-4DB7-B2E8-689B60CBBDA0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {3C211A8F-833D-42C7-AFB1-B2D3F8C87EDC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {99CA6E3F-BCEE-4069-A208-0F8F5CDDB325} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_Plugin.exe [1457208 2019-05-14] (Adobe Inc. -> Adobe)
Task: {A76B119A-08B0-4A3B-9383-85221B0733D7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {B6B7A80D-8109-4FBA-B1BA-0F129FFEFB35} - System32\Tasks\CCleaner Update => D:\Programs\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C19488DA-369F-4EB7-9BA5-70EA4A51056A} - System32\Tasks\CCleanerSkipUAC => D:\Programs\CCleaner\CCleaner.exe [14636224 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CDA9EE1C-6058-4DC9-912F-59328B567437} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F334E11A-3BA1-4802-8387-3CAA167E609C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{31820197-ba16-4c87-be1f-c9f09b819ad6}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1484243458-1922150109-371872183-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)

FireFox:
========
FF DefaultProfile: 138eebmm.default
FF ProfilePath: C:\Users\RSlos\AppData\Roaming\Mozilla\Firefox\Profiles\138eebmm.default [2019-05-19]
FF Homepage: Mozilla\Firefox\Profiles\138eebmm.default -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\138eebmm.default -> hxxp://securedsearch.lavasoft.com/?pr=v ... 20__190423
FF Extension: (Google Translator for Firefox) - C:\Users\RSlos\AppData\Roaming\Mozilla\Firefox\Profiles\138eebmm.default\Extensions\translator@zoli.bod.xpi [2018-12-03]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_192.dll [2019-05-14] (Adobe Inc. -> )
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> D:\Programs\PDF-XChange Editor\PDF Editor\npPDFXEditPlugin.x64.dll [2018-02-27] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_192.dll [2019-05-14] (Adobe Inc. -> )
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> D:\Programs\Google\Picasa3\npPicasa3.dll [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> D:\Programs\PDF-XChange Editor\PDF Editor\npPDFXEditPlugin.x86.dll [2018-02-27] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1484243458-1922150109-371872183-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2019-02-01] (Ubisoft Massive -> Ubisoft)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 APC Data Service; D:\Programs\APC\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (American Power Conversion -> Schneider Electric)
R2 APC UPS Service; D:\Programs\APC\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (American Power Conversion -> Schneider Electric)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S3 Origin Client Service; D:\Hry\Origin\OriginClientService.exe [2303792 2019-05-08] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; D:\Hry\Origin\OriginWebHelperService.exe [3175216 2019-05-08] (Electronic Arts, Inc. -> Electronic Arts)
R2 PDF24; D:\Programs\PDF24\pdf24.exe [433800 2018-09-17] (Geek Software GmbH -> Geek Software GmbH)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2019-02-01] (Even Balance, Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\NisSrv.exe [3851264 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MsMpEng.exe [118144 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_8e4f37220e99138f\nvlddmkm.sys [17213824 2018-09-25] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [605696 2018-09-15] (Microsoft Windows -> Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-04-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344544 2019-04-23] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60896 2019-04-23] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-19 09:05 - 2019-05-19 09:05 - 000000000 ____D C:\FRST
2019-05-18 07:37 - 2019-05-18 07:37 - 026807808 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 023438848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 020814848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 019022336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 007879680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 007645384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 006542464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 006440960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 006309040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 006072320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 005498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 004883968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 004660736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 003905536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 003637248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 003557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 003384832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 003363856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 002780000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 002708480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 002422272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 001860096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 001760768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 001699496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-05-18 07:37 - 2019-05-18 07:37 - 001641616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 001470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 001395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 001342608 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-05-18 07:37 - 2019-05-18 07:37 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 001290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 001253904 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 001225728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 001179680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 001062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 001048376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000895792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000807464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 000758896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000660992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000586280 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 000508432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000449376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000444944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000254952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-05-18 07:37 - 2019-05-18 07:37 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000212792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 000203272 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000202768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 000198456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-05-18 07:37 - 2019-05-18 07:37 - 000179728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000177976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 000163240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000147736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000121656 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-05-18 07:37 - 2019-05-18 07:37 - 000090640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000080184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 000066688 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000055792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-05-18 07:37 - 2019-05-18 07:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-05-18 07:37 - 2019-05-18 07:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-05-18 07:37 - 2019-05-18 07:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-05-18 07:37 - 2019-05-18 07:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-05-18 07:37 - 2019-05-18 07:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-05-18 07:37 - 2019-05-18 07:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-05-18 07:37 - 2019-05-18 07:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-05-09 09:25 - 2019-05-14 18:23 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-05-04 07:11 - 2019-05-04 07:11 - 012844032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 012140032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 005436904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 005296640 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 005210904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 004997096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 003982848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 003551112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 003426816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 003406848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 002995712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 002701512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 002393088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 002205184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 002073960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 001994976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 001768960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 001674696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 001671352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 001653760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 001467552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 001382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 001219640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 001001472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000806600 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-05-04 07:11 - 2019-05-04 07:11 - 000806600 _____ C:\WINDOWS\system32\locale.nls
2019-05-04 07:11 - 2019-05-04 07:11 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000780632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000725696 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2019-05-04 07:11 - 2019-05-04 07:11 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000676256 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000651576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-05-04 07:11 - 2019-05-04 07:11 - 000649064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000638376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2019-05-04 07:11 - 2019-05-04 07:11 - 000553656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000540720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000514632 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000454160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-05-04 07:11 - 2019-05-04 07:11 - 000451080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000421392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-05-04 07:11 - 2019-05-04 07:11 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe
2019-05-04 07:11 - 2019-05-04 07:11 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-05-04 07:11 - 2019-05-04 07:11 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2019-05-04 07:11 - 2019-05-04 07:11 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiag.exe
2019-05-04 07:11 - 2019-05-04 07:11 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000280592 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000263576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2019-05-04 07:11 - 2019-05-04 07:11 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2019-05-04 07:11 - 2019-05-04 07:11 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2019-05-04 07:11 - 2019-05-04 07:11 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000157200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000122680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000086960 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-05-04 07:11 - 2019-05-04 07:11 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-05-04 07:11 - 2019-05-04 07:11 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2019-04-23 19:08 - 2019-04-23 19:29 - 000000000 ____D C:\Users\RSlos\AppData\Roaming\CrystalIdea Software
2019-04-19 12:57 - 2019-04-19 12:57 - 000000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-1484243458-1922150109-371872183-1001

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-19 09:02 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-19 08:50 - 2019-02-28 17:53 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-05-19 08:02 - 2018-09-28 13:02 - 000000000 ____D C:\Users\RSlos\AppData\LocalLow\Mozilla
2019-05-19 07:55 - 2018-12-22 21:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-19 07:03 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-05-18 12:41 - 2018-09-28 07:13 - 000000000 ____D C:\ProgramData\NVIDIA
2019-05-18 10:12 - 2018-12-22 21:12 - 001693636 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-18 10:12 - 2018-09-15 19:32 - 000716776 _____ C:\WINDOWS\system32\perfh005.dat
2019-05-18 10:12 - 2018-09-15 19:32 - 000144856 _____ C:\WINDOWS\system32\perfc005.dat
2019-05-18 10:04 - 2018-12-22 21:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-18 10:04 - 2018-12-22 21:01 - 000415496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-05-18 08:45 - 2018-09-15 09:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-05-18 08:45 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-05-18 08:45 - 2018-09-15 08:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-05-18 07:38 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-18 07:35 - 2018-09-28 14:50 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-16 07:34 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-05-16 07:33 - 2018-12-22 21:08 - 000004200 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-05-15 16:04 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-15 16:04 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-15 12:09 - 2018-09-28 07:37 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-05-15 12:07 - 2018-09-28 07:37 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-14 18:23 - 2018-09-28 13:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-05-14 18:21 - 2018-09-28 14:49 - 000000000 ____D C:\Users\RSlos\AppData\Local\Adobe
2019-05-14 16:53 - 2018-12-22 21:08 - 000004638 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-05-14 16:53 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-05-14 16:53 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-05-13 23:23 - 2018-09-15 09:36 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-13 23:23 - 2018-09-15 09:36 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-13 16:57 - 2018-09-28 22:45 - 000000000 ____D C:\ProgramData\Origin
2019-05-13 16:15 - 2018-09-28 22:45 - 000000000 ____D C:\Users\RSlos\AppData\Roaming\Origin
2019-05-12 15:21 - 2018-09-28 20:55 - 000000000 ____D C:\Users\RSlos\AppData\Roaming\Mp3tag
2019-05-09 14:27 - 2018-09-28 13:02 - 000001011 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-05-08 16:01 - 2018-09-28 23:12 - 000000839 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2019-05-04 17:36 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\TextInput
2019-05-04 17:36 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-05-01 11:09 - 2018-09-28 07:08 - 000000000 ____D C:\Users\RSlos\AppData\Local\Packages
2019-04-27 09:43 - 2018-09-28 14:39 - 000000000 ____D C:\Users\RSlos\AppData\Roaming\audacity
2019-04-23 18:53 - 2018-12-16 11:39 - 000000000 ____D C:\Users\RSlos\Documents\záloha registrů
2019-04-23 15:56 - 2018-09-28 08:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Files in the root of some directories =======

2019-02-10 13:57 - 2019-02-10 14:06 - 000021368 _____ (Schneider Electric) C:\Users\RSlos\en_res.dll
2019-02-10 13:57 - 2019-02-10 14:06 - 000021368 _____ (Schneider Electric) C:\Users\RSlos\es_res.dll
2019-02-10 13:57 - 2019-02-10 14:06 - 000021880 _____ (Schneider Electric) C:\Users\RSlos\fr_res.dll
2019-02-10 13:57 - 2019-02-10 14:06 - 000021880 _____ (Schneider Electric) C:\Users\RSlos\grm_res.dll
2019-02-10 13:57 - 2019-02-10 14:06 - 000021368 _____ (Schneider Electric) C:\Users\RSlos\it_res.dll
2019-02-10 13:57 - 2019-02-10 14:06 - 000020344 _____ (Schneider Electric) C:\Users\RSlos\jp_res.dll
2019-02-10 13:57 - 2019-02-10 14:06 - 001079808 _____ (Microsoft Corporation) C:\Users\RSlos\mfc80u.dll
2019-02-10 13:57 - 2019-02-10 14:06 - 000626688 _____ (Microsoft Corporation) C:\Users\RSlos\msvcr80.dll
2019-02-10 13:57 - 2019-02-10 14:06 - 013923704 _____ (Schneider Electric) C:\Users\RSlos\PCPE Setup.exe
2019-02-10 13:57 - 2019-02-10 14:06 - 000021368 _____ (Schneider Electric) C:\Users\RSlos\pt_res.dll
2019-02-10 13:57 - 2019-02-10 14:06 - 000018808 _____ () C:\Users\RSlos\ResourceReader.dll
2019-02-10 13:57 - 2019-02-10 14:06 - 000020856 _____ (Schneider Electric) C:\Users\RSlos\ru_res.dll
2019-02-10 13:57 - 2019-02-10 14:06 - 000019832 _____ (Schneider Electric) C:\Users\RSlos\zh_res.dll
2018-09-29 00:40 - 2018-09-29 01:52 - 000000416 _____ () C:\Users\RSlos\AppData\Roaming\RADOVAN.MTBF.txt
2018-10-27 15:13 - 2018-12-27 18:13 - 000004608 _____ () C:\Users\RSlos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-12-22 14:26 - 2018-12-22 14:26 - 000000001 _____ () C:\Users\RSlos\AppData\Local\llftool.4.40.agreement
2018-09-28 11:04 - 2018-09-28 11:04 - 000000017 _____ () C:\Users\RSlos\AppData\Local\resmon.resmoncfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-05.2019
Ran by RSlos (19-05-2019 09:06:38)
Running from D:\Downloads
Windows 10 Home Version 1809 17763.503 (X64) (2018-12-22 19:08:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1484243458-1922150109-371872183-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1484243458-1922150109-371872183-503 - Limited - Disabled)
Guest (S-1-5-21-1484243458-1922150109-371872183-501 - Limited - Disabled)
RSlos (S-1-5-21-1484243458-1922150109-371872183-1001 - Administrator - Enabled) => C:\Users\RSlos
WDAGUtilityAccount (S-1-5-21-1484243458-1922150109-371872183-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.06 (x64) (HKLM\...\7-Zip) (Version: 18.06 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.192 - Adobe)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_STANDARD_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_STANDARD_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_STANDARD_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ANT Drivers Installer x64 (HKLM\...\{15DDA7AF-3E5C-49CC-B57C-8926F09405A6}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Assassins Creed IV Black Flag (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )
Audacity 2.2.1 (HKLM-x32\...\Audacity_is1) (Version: 2.2.1 - Audacity Team)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
calibre (HKLM-x32\...\{CF5F9723-E951-4080-BF78-7263A1C9C396}) (Version: 3.32.0 - Kovid Goyal)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon MG3200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series) (Version: 1.01 - Canon Inc.)
Canon MG3200 series On-screen Manual (HKLM-x32\...\Canon MG3200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
Car Mechanic Simulator 2014.v 1.0.6.0 (HKLM-x32\...\Car Mechanic Simulator 2014.v 1.0.6.0_is1) (Version: Car Mechanic Simulator 2014.v 1.0.6.0 - Repack by Fenixx (07.02.2014))
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
Creative Pack Volume 1 (HKLM\...\{997BE27F-A97F-4EF4-B841-D20ABF1CD6DC}) (Version: 4.0.0 - Corel Corporation)
Dazzle Video Capture DVC100 X64 Driver 1.08 (HKLM-x32\...\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}) (Version: 1.08.0000 - Pinnacle)
Elevated Installer (HKLM-x32\...\{68D32366-4505-43D2-A1F5-EF4B645207D6}) (Version: 6.10.0.0 - Garmin Ltd or its subsidiaries) Hidden
FastShare.cz verze 2.3.1 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.3.1 - )
FormatFactory 4.3.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.3.0.0 - Free Time)
Garmin Express (HKLM-x32\...\{21a6db39-b3c0-447d-85d7-39dcf1703e3e}) (Version: 6.10.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{73CA3D46-6F24-43AA-ABE9-15341B96FF53}) (Version: 6.10.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin POI Loader (HKLM-x32\...\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Hollywood FX Volumes 1-3 (HKLM\...\{48C2040D-B49F-4B4D-AE4A-0DCED3305692}) (Version: 3.0 - Corel Corporation)
iZotope Music & Speech Cleaner (HKLM-x32\...\iZotope Music & Speech Cleaner_is1) (Version: 1.00 - iZotope, Inc.)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Mozilla Firefox 66.0.5 (x64 cs) (HKLM\...\Mozilla Firefox 66.0.5 (x64 cs)) (Version: 66.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.2 - Mozilla)
Mp3tag v2.73 (HKLM-x32\...\Mp3tag) (Version: v2.73 - Florian Heidenreich)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
MyHarmony (HKLM-x32\...\{2AD8F8A1-ECE5-4890-BCC2-B4396370A0D4}) (Version: 1.0.308 - Logitech)
NewBlue Effects (HKLM\...\{C68BAB1A-C7DF-4D81-83FC-981B31921924}) (Version: 2.1.0 - Corel Corporation)
NVIDIA Ovladač 3D Vision 399.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 399.24 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 399.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 399.24 - NVIDIA Corporation)
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.38.25027 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 399.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 399.24 - NVIDIA Corporation) Hidden
PDF24 Creator 8.6.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDF-XChange Editor (HKLM\...\{D0B4B563-918D-42CE-8ADF-1E1549A7DCF9}) (Version: 7.0.324.3 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{e63a1903-34cf-4f96-90f3-fb0c70694630}) (Version: 7.0.324.3 - Tracker Software Products (Canada) Ltd.)
Pinnacle MyDVD (HKLM-x32\...\{9E90B657-D5B4-40C0-AE05-B29DED063494}) (Version: 1.0.112 - Název společnosti:) Hidden
Pinnacle MyDVD (HKLM-x32\...\{E6D07A42-38B7-4AAF-A857-2DF7177244D7}) (Version: 1.0 - Pinnacle)
Pinnacle Studio 19 - Install Manager (HKLM\...\{891ED714-E54D-4BE1-8DE8-4EE54D9BB402}) (Version: 19.1.245 - Corel Corporation)
Pinnacle Studio 19 - Standard Content Pack (HKLM\...\{91D1B712-604F-49C8-943F-FD257D647161}) (Version: 19.1 - Corel Corporation)
Pinnacle Studio 19 (HKLM\...\{CF91A83C-B84F-43CE-BCCE-7247E6137173}) (Version: 19.1.3.320 - Corel Corporation)
PowerChute Personal Edition 3.0.2 (HKLM-x32\...\{8ED262EE-FC73-47A9-BB86-D92223246881}) (Version: 3.0.2 - Schneider Electric)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Registrace uživatele zařízení Canon MG3200 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG3200 series) (Version: - Canon Inc.‎)
ScoreFitter Volumes 1-2 (HKLM\...\{5CA29919-6361-4A17-91C5-6819E43794B1}) (Version: 3.0 - Corel Corporation)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.51.77.1020 - Electronic Arts Inc.)
Title Extreme (HKLM\...\{3B519225-B4B2-40B7-A431-3C6AAE2831B4}) (Version: 3.0 - Corel Corporation)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: - ZONER software)

Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.521.0_x64__rz1tebttyb220 [2019-03-12] (Dolby Laboratories)
Messenger -> C:\Program Files\WindowsApps\Facebook.317180B0BB486_196.2292.59195.0_x86__8xx8rvfyw5nnt [2019-05-15] (Facebook Inc)
Photo Editor | Polarr -> C:\Program Files\WindowsApps\613EBCEA.PolarrPhotoEditorAcademicEdition_5.4.18.0_x64__jb41c8remg0x2 [2019-05-04] (Polarr)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programs\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => D:\Programs\Mp3tag\Mp3tagShell64.dll [2015-12-19] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => D:\Programs\PDF-XChange Editor\Shell Extensions\XCShellMenu.x64.dll [2018-02-27] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => D:\Programs\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programs\WinRAR\rarext64.dll [2005-06-07] () [File not signed]
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => D:\Programs\Mp3tag\Mp3tagShell64.dll [2015-12-19] (Florian Heidenreich) [File not signed]
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => D:\Programs\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => D:\Programs\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programs\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => D:\Programs\Mp3tag\Mp3tagShell64.dll [2015-12-19] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programs\WinRAR\rarext64.dll [2005-06-07] () [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programs\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => D:\Programs\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programs\WinRAR\rarext64.dll [2005-06-07] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-09-28 21:11 - 2012-03-28 19:01 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2012-01-24 17:03 - 2012-01-24 17:03 - 001921024 _____ (Schneider Electric) [File not signed] D:\Programs\APC\PowerChute Personal Edition\res.dll

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1484243458-1922150109-371872183-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1484243458-1922150109-371872183-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2017-03-18 23:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1484243458-1922150109-371872183-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\RSlos\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\IMG-20180505-WA0030.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\StartupFolder: => "$McRebootA5E6DEAA56$.lnk"
HKLM\...\StartupApproved\StartupFolder: => "APC UPS Status.lnk"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKLM\...\StartupApproved\Run32: => "Display"
HKU\S-1-5-21-1484243458-1922150109-371872183-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-1484243458-1922150109-371872183-1001\...\StartupApproved\Run: => "Zoner Photo Studio Service 16"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{80675DA5-6747-4DC9-A230-E120A87092EA}] => (Allow) D:\Hry\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{7E4C7482-E2F4-45F0-860C-8FB6A69BEF01}] => (Allow) D:\Hry\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{B017BFFD-FCFA-43B6-9BC8-6F47FD9B5651}] => (Allow) D:\Hry\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{882338E3-6B10-4539-9956-54153D924A43}] => (Allow) D:\Hry\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{E10EECFB-2DC5-40E6-B316-636E64F546EC}] => (Allow) D:\Programs\Pinnacle Studio 19\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{10E3D450-CBFC-487C-99F6-36A62AA94E90}] => (Allow) D:\Programs\Pinnacle Studio 19\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{F0700937-AFD7-460D-9AF0-2766FE638350}] => (Allow) D:\Programs\Pinnacle Studio 19\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{DEAF6521-CB8D-499B-948A-471031A5FB9E}] => (Allow) D:\Programs\Pinnacle Studio 19\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{32A79222-5A48-4CA1-85BE-BC1FDD5B8A9E}] => (Allow) D:\Programs\Pinnacle Studio 19\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{D8450EC6-39D7-4FCC-B65B-6FC89ED4A22F}] => (Allow) D:\Programs\Pinnacle Studio 19\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{FFF83890-E045-472C-9786-CC2714E27885}] => (Allow) D:\Programs\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{5D981017-F913-4CE0-BE96-EAC4119A74D9}] => (Allow) D:\Programs\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{2B563D5A-0A78-4597-BB1C-4A5A75A7E2C3}] => (Allow) D:\Programs\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{D41DAE36-B9BD-4D0A-A231-7052BAF74399}] => (Allow) D:\Programs\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{9BB119B3-17CC-4871-A062-F8B5D96C2A8A}] => (Allow) D:\Programs\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{16CA10C9-5EF9-480C-8E3F-FF62BA38C270}] => (Allow) D:\Programs\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D301D2B7-CF4A-4CA0-9926-C861FE0C8DF1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{98EAEEB5-9C09-4E33-B1E4-7DF63E72220F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B0320090-890D-410B-8D98-1DEB366C11C6}] => (Allow) D:\Programs\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{8CB7840B-A404-4A4C-870C-3E919F1DFE30}] => (Allow) D:\Programs\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{9EDF947F-13BF-43E4-9BE7-495F62E8A6BC}D:\programs\myphoneexplorer\myphoneexplorer portable.exe] => (Allow) D:\programs\myphoneexplorer\myphoneexplorer portable.exe (F.J. Wechselberger) [File not signed]
FirewallRules: [UDP Query User{040733F0-F5C2-4AF8-BE47-D4CC43B11398}D:\programs\myphoneexplorer\myphoneexplorer portable.exe] => (Allow) D:\programs\myphoneexplorer\myphoneexplorer portable.exe (F.J. Wechselberger) [File not signed]
FirewallRules: [{56D7B120-BB0C-4375-BA6F-5E3382887FD6}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Massive -> )
FirewallRules: [{45892470-C855-4931-BCA8-68F7F1AC0E66}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Massive -> )
FirewallRules: [{C8B4063E-D335-4704-92AA-A15BB09AD3A5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{8217AB0E-1C5B-40E0-BB0C-8D575549B745}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{E4A32F8A-BA32-49F5-BF6C-3F80723BF014}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{E9AF68CD-B28C-4EBD-B851-BA085DD8AA3D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{7E687A41-AD06-448A-BAFC-70AB26C7B8D3}D:\downloads\10.dočasné\torrent 2.2.1\utorrent.exe] => (Allow) D:\downloads\10.dočasné\torrent 2.2.1\utorrent.exe No File
FirewallRules: [UDP Query User{DA28E2DE-05B3-4718-9C14-78EE3D948CCE}D:\downloads\10.dočasné\torrent 2.2.1\utorrent.exe] => (Allow) D:\downloads\10.dočasné\torrent 2.2.1\utorrent.exe No File
FirewallRules: [TCP Query User{14224BCA-7486-4C3D-8BB2-61AEA895FA06}C:\users\rslos\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\rslos\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [UDP Query User{DCF64B1C-1F2A-42FF-A54D-23457317C051}C:\users\rslos\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\rslos\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [{57BBC33C-3E2D-4142-95B4-1CD106A5ED3E}] => (Allow) D:\Hry\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{D471FDDE-8689-4C42-A013-DBB483C584D0}] => (Allow) D:\Hry\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{6474EDA5-EDB5-4838-8268-3905509049AF}] => (Allow) D:\Hry\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{CC5085C9-7E07-4491-A7D8-6C59C36DDDF1}] => (Allow) D:\Hry\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)

==================== Restore Points =========================

04-05-2019 07:07:34 Windows Update
08-05-2019 16:01:34 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
08-05-2019 16:01:45 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
15-05-2019 12:06:35 Windows Update

==================== Faulty Device Manager Devices =============

Name: Multimediální video adaptér
Description: Multimediální video adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Multimediální adaptér
Description: Multimediální adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Multimediální adaptér
Description: Multimediální adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/18/2019 10:04:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_stisvc, verze: 10.0.17763.1, časové razítko: 0xb900eeff
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000009b00000001
ID chybujícího procesu: 0xd54
Čas spuštění chybující aplikace: 0x01d50d505a4eb037
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: e44018ce-e650-4b1e-aced-207aa539f8b9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/18/2019 07:35:13 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro D:\Programs\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.475_none_05b43ca607202c6c.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.475_none_4d61737d1b9c5572.manifest.

Error: (05/15/2019 03:49:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_stisvc, verze: 10.0.17763.1, časové razítko: 0xb900eeff
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000009b00000001
ID chybujícího procesu: 0xd00
Čas spuštění chybující aplikace: 0x01d50b24f6b424e8
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: f0d4e894-1953-4470-b1cb-d9317ed74d8a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/15/2019 12:03:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_stisvc, verze: 10.0.17763.1, časové razítko: 0xb900eeff
Název chybujícího modulu: ntdll.dll, verze: 10.0.17763.475, časové razítko: 0x3230aa04
Kód výjimky: 0xc0000008
Posun chyby: 0x00000000000a356a
ID chybujícího procesu: 0xd80
Čas spuštění chybující aplikace: 0x01d50a7168eddcd3
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: bb409198-3118-489f-9df8-cf9edcea4d15
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/10/2019 03:13:33 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program Firefox.

Program: Firefox
Soubor:

Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.

Další údaje
Hodnota chyby: 00000000
Typ disku: 0

Error: (05/10/2019 03:13:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 66.0.5.7066, časové razítko: 0x5cd0edd5
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc000001d
Posun chyby: 0x000003f4c90b53ab
ID chybujícího procesu: 0x20fc
Čas spuštění chybující aplikace: 0x01d507308a6af366
Cesta k chybující aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 3d168a40-5fb8-46e0-9685-c7b28dd672a3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/09/2019 12:30:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_DPS, verze: 10.0.17763.1, časové razítko: 0xb900eeff
Název chybujícího modulu: diagperf.dll, verze: 10.0.17763.1, časové razítko: 0x0353b74b
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000132e4
ID chybujícího procesu: 0xd18
Čas spuštění chybující aplikace: 0x01d50651f813c420
Cesta k chybující aplikaci: C:\WINDOWS\System32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\system32\diagperf.dll
ID zprávy: fb0d8cf1-91ca-4f26-9114-68d86cd3bcb7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/08/2019 06:22:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.17763.1, časové razítko: 0xe52aabf3
Název chybujícího modulu: udwm.dll, verze: 10.0.17763.404, časové razítko: 0xc4744ab5
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000027221
ID chybujícího procesu: 0x21f8
Čas spuštění chybující aplikace: 0x01d504cb87b94b12
Cesta k chybující aplikaci: C:\WINDOWS\System32\dwm.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\udwm.dll
ID zprávy: ce3ea677-16b1-4c30-b42b-5ef3c22fbff7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (05/19/2019 09:04:38 AM) (Source: DCOM) (EventID: 10016) (User: RADOVAN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli RADOVAN\RSlos (SID: S-1-5-21-1484243458-1922150109-371872183-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/19/2019 09:04:38 AM) (Source: DCOM) (EventID: 10016) (User: RADOVAN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli RADOVAN\RSlos (SID: S-1-5-21-1484243458-1922150109-371872183-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/19/2019 08:51:11 AM) (Source: DCOM) (EventID: 10016) (User: RADOVAN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli RADOVAN\RSlos (SID: S-1-5-21-1484243458-1922150109-371872183-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/19/2019 08:51:11 AM) (Source: DCOM) (EventID: 10016) (User: RADOVAN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli RADOVAN\RSlos (SID: S-1-5-21-1484243458-1922150109-371872183-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/19/2019 08:42:59 AM) (Source: DCOM) (EventID: 10016) (User: RADOVAN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli RADOVAN\RSlos (SID: S-1-5-21-1484243458-1922150109-371872183-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/19/2019 08:42:59 AM) (Source: DCOM) (EventID: 10016) (User: RADOVAN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli RADOVAN\RSlos (SID: S-1-5-21-1484243458-1922150109-371872183-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/19/2019 08:25:58 AM) (Source: DCOM) (EventID: 10016) (User: RADOVAN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli RADOVAN\RSlos (SID: S-1-5-21-1484243458-1922150109-371872183-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/19/2019 08:25:58 AM) (Source: DCOM) (EventID: 10016) (User: RADOVAN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli RADOVAN\RSlos (SID: S-1-5-21-1484243458-1922150109-371872183-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2019-05-18 10:24:21.764
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {BB259B0E-953F-435A-8D38-1DBD8F2153F9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-05-15 19:01:35.214
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {3EE9B32C-52FC-4B32-B9FA-2013CF16ADA5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-05-10 09:05:36.882
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4933C16D-E095-4BD6-8930-24EE303BFA0A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-05-06 17:09:31.809
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {3C8C1B35-5846-4FF1-AF5B-D69860720427}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-05-06 13:36:13.153
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B4A1925D-9992-4CE2-AE54-1DC3935317FC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-05-02 14:15:39.294
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.293.527.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x80070643
Popis chyby :Při instalaci došlo k závažné chybě.

Date: 2019-05-02 14:15:37.275
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 1.293.664.0
Předchozí verze podpisu: 1.293.527.0
Zdroj aktualizace: Uživatel
Typ podpisu: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.15900.4
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x8050a004
Popis chyby :Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.

Date: 2019-05-02 14:15:37.275
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 1.293.664.0
Předchozí verze podpisu: 1.293.527.0
Zdroj aktualizace: Uživatel
Typ podpisu: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.15900.4
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x8050a004
Popis chyby :Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.

Date: 2019-04-14 15:03:51.543
Description:
Modul programu Antivirová ochrana v programu Windows Defender byl ukončen v důsledku neočekávané chyby.
Typ chyby: Chyba
Kód výjimky: 0xc0000005
Zdroj:

Date: 2019-03-30 17:04:50.165
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.291.649.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15800.1
Kód chyby: 0x80070643
Popis chyby :Při instalaci došlo k závažné chybě.

CodeIntegrity:
===================================

Date: 2019-04-14 15:04:04.297
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-04-14 15:04:04.284
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-04-14 15:04:04.202
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-04-14 15:04:04.189
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-04-14 15:04:04.172
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-04-14 15:04:04.155
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-04-14 15:04:03.458
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-04-14 15:04:03.419
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: Award Software International, Inc. FH 06/24/2010
Motherboard: Gigabyte Technology Co., Ltd. P55-US3L
Processor: Intel(R) Core(TM) i5 CPU 760 @ 2.80GHz
Percentage of memory in use: 37%
Total physical RAM: 8183.49 MB
Available physical RAM: 5154.55 MB
Total Virtual: 9463.49 MB
Available Virtual: 5070.86 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:231.93 GB) (Free:177.01 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:483.64 GB) NTFS

\\?\Volume{bce5a315-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{bce5a315-0000-0000-0000-a01a3a000000}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: BCE5A315)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=479 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 856E1FCF)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Autor:  Rudy [ 19 kvě 2019 10:12 ]
Předmět příspěvku:  Re: nejde se zbavit Ad-Aware SecureSearch

Zdravím!
Spusťte tuto utilitu:

Citace:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Autor:  pasik68 [ 20 kvě 2019 15:43 ]
Předmět příspěvku:  Re: nejde se zbavit Ad-Aware SecureSearch

# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-20-2019
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 6
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\VIS
Deleted HKLM\Software\Classes\Prod.cap
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

Autor:  Rudy [ 20 kvě 2019 16:18 ]
Předmět příspěvku:  Re: nejde se zbavit Ad-Aware SecureSearch

Dejte nové logy FRST+Addition.

Autor:  pasik68 [ 20 kvě 2019 16:44 ]
Předmět příspěvku:  Re: nejde se zbavit Ad-Aware SecureSearch

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05.2019
Ran by RSlos (administrator) on RADOVAN (Gigabyte Technology Co., Ltd. P55-US3L) (20-05-2019 17:40:06)
Running from D:\Downloads
Loaded Profiles: RSlos (Available Profiles: RSlos)
Platform: Windows 10 Home Version 1809 17763.503 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1903.21.0_x64__8wekyb3d8bbwe\Calculator.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19041.481.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(American Power Conversion -> Schneider Electric) D:\Programs\APC\PowerChute Personal Edition\dataserv.exe
(American Power Conversion -> Schneider Electric) D:\Programs\APC\PowerChute Personal Edition\mainserv.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Geek Software GmbH -> Geek Software GmbH) D:\Programs\PDF24\pdf24.exe
(Geek Software GmbH -> Geek Software GmbH) D:\Programs\PDF24\pdf24.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\NisSrv.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11904.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Piriform Software Ltd -> Piriform Software Ltd) D:\Programs\CCleaner\CCleaner64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM-x32\...\Run: [PDFPrint] => D:\Programs\PDF24\pdf24.exe [433800 2018-09-17] (Geek Software GmbH -> Geek Software GmbH)
HKLM-x32\...\Run: [VirtualCloneDrive] => D:\Programs\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Display] => D:\Programs\APC\PowerChute Personal Edition\DataCollectionLauncher.exe [284024 2012-01-24] (American Power Conversion -> Schneider Electric)
HKU\S-1-5-21-1484243458-1922150109-371872183-1001\...\Run: [CCleaner Smart Cleaning] => D:\Programs\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1484243458-1922150109-371872183-1001\...\Run: [Zoner Photo Studio Autoupdate] => D:\PROGRAMS\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software, a.s. -> ZONER software)
HKLM\...\Drivers32: [vidc.mjpg] => pvmjpgx40.dll
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32-x32: [vidc.pDAD] => prodad-codec.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2018-12-22]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk [2019-02-10]
ShortcutTarget: APC UPS Status.lnk -> D:\Programs\APC\PowerChute Personal Edition\Display.exe (American Power Conversion -> Schneider Electric)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06029402-0706-4D85-88DE-69F5AF37CE34} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-14] (Adobe Inc. -> Adobe)
Task: {06942B43-7FE1-4B8D-B366-D6F421DBC237} - System32\Tasks\GarminUpdaterTask => D:\Garmin\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
Task: {14B5252D-4C67-4DB7-B2E8-689B60CBBDA0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {3C211A8F-833D-42C7-AFB1-B2D3F8C87EDC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {99CA6E3F-BCEE-4069-A208-0F8F5CDDB325} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_Plugin.exe [1457208 2019-05-14] (Adobe Inc. -> Adobe)
Task: {A76B119A-08B0-4A3B-9383-85221B0733D7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {B6B7A80D-8109-4FBA-B1BA-0F129FFEFB35} - System32\Tasks\CCleaner Update => D:\Programs\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C19488DA-369F-4EB7-9BA5-70EA4A51056A} - System32\Tasks\CCleanerSkipUAC => D:\Programs\CCleaner\CCleaner.exe [14636224 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CDA9EE1C-6058-4DC9-912F-59328B567437} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F334E11A-3BA1-4802-8387-3CAA167E609C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{31820197-ba16-4c87-be1f-c9f09b819ad6}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1484243458-1922150109-371872183-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)

FireFox:
========
FF DefaultProfile: 138eebmm.default
FF ProfilePath: C:\Users\RSlos\AppData\Roaming\Mozilla\Firefox\Profiles\138eebmm.default [2019-05-20]
FF Homepage: Mozilla\Firefox\Profiles\138eebmm.default -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\138eebmm.default -> hxxp://securedsearch.lavasoft.com/?pr=v ... 20__190423
FF Extension: (Google Translator for Firefox) - C:\Users\RSlos\AppData\Roaming\Mozilla\Firefox\Profiles\138eebmm.default\Extensions\translator@zoli.bod.xpi [2018-12-03]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_192.dll [2019-05-14] (Adobe Inc. -> )
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> D:\Programs\PDF-XChange Editor\PDF Editor\npPDFXEditPlugin.x64.dll [2018-02-27] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_192.dll [2019-05-14] (Adobe Inc. -> )
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> D:\Programs\Google\Picasa3\npPicasa3.dll [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> D:\Programs\PDF-XChange Editor\PDF Editor\npPDFXEditPlugin.x86.dll [2018-02-27] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1484243458-1922150109-371872183-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2019-02-01] (Ubisoft Massive -> Ubisoft)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 APC Data Service; D:\Programs\APC\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (American Power Conversion -> Schneider Electric)
R2 APC UPS Service; D:\Programs\APC\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (American Power Conversion -> Schneider Electric)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S3 Origin Client Service; D:\Hry\Origin\OriginClientService.exe [2303792 2019-05-08] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; D:\Hry\Origin\OriginWebHelperService.exe [3175216 2019-05-08] (Electronic Arts, Inc. -> Electronic Arts)
R2 PDF24; D:\Programs\PDF24\pdf24.exe [433800 2018-09-17] (Geek Software GmbH -> Geek Software GmbH)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2019-02-01] (Even Balance, Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\NisSrv.exe [3851264 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MsMpEng.exe [118144 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_8e4f37220e99138f\nvlddmkm.sys [17213824 2018-09-25] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [605696 2018-09-15] (Microsoft Windows -> Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-04-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344544 2019-04-23] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60896 2019-04-23] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-20 16:38 - 2019-05-20 16:39 - 000000000 ____D C:\AdwCleaner
2019-05-20 16:37 - 2019-05-20 16:37 - 007025360 _____ (Malwarebytes) C:\Users\RSlos\Desktop\adwcleaner_7.3.exe
2019-05-19 09:05 - 2019-05-20 17:40 - 000000000 ____D C:\FRST
2019-05-18 07:37 - 2019-05-18 07:37 - 026807808 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 023438848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 020814848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 019022336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 007879680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 007645384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 006542464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 006440960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 006309040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 006072320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 005498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 004883968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 004660736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 003905536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 003637248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 003557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 003384832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 003363856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 002780000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 002708480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 002422272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 001860096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 001760768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 001699496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-05-18 07:37 - 2019-05-18 07:37 - 001641616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 001470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 001395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 001342608 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-05-18 07:37 - 2019-05-18 07:37 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 001290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 001253904 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 001225728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 001179680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 001062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 001048376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000895792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000807464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 000758896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000660992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000586280 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 000508432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000449376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000444944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000254952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-05-18 07:37 - 2019-05-18 07:37 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000212792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 000203272 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000202768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 000198456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-05-18 07:37 - 2019-05-18 07:37 - 000179728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000177976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 000163240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000147736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000121656 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-05-18 07:37 - 2019-05-18 07:37 - 000090640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000080184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-05-18 07:37 - 2019-05-18 07:37 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-05-18 07:37 - 2019-05-18 07:37 - 000066688 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000055792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-05-18 07:37 - 2019-05-18 07:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-05-18 07:37 - 2019-05-18 07:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-05-18 07:37 - 2019-05-18 07:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-05-18 07:37 - 2019-05-18 07:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-05-18 07:37 - 2019-05-18 07:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-05-18 07:37 - 2019-05-18 07:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-05-18 07:37 - 2019-05-18 07:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-05-18 07:37 - 2019-05-18 07:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-05-09 09:25 - 2019-05-14 18:23 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-05-04 07:11 - 2019-05-04 07:11 - 012844032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 012140032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 005436904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 005296640 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 005210904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 004997096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 003982848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 003551112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 003426816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 003406848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 002995712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 002701512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 002393088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 002205184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 002073960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 001994976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 001768960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 001674696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 001671352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 001653760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 001467552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 001382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 001219640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 001001472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000806600 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-05-04 07:11 - 2019-05-04 07:11 - 000806600 _____ C:\WINDOWS\system32\locale.nls
2019-05-04 07:11 - 2019-05-04 07:11 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000780632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000725696 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2019-05-04 07:11 - 2019-05-04 07:11 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000676256 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000651576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-05-04 07:11 - 2019-05-04 07:11 - 000649064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000638376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2019-05-04 07:11 - 2019-05-04 07:11 - 000553656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000540720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000514632 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000454160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-05-04 07:11 - 2019-05-04 07:11 - 000451080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000421392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-05-04 07:11 - 2019-05-04 07:11 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe
2019-05-04 07:11 - 2019-05-04 07:11 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-05-04 07:11 - 2019-05-04 07:11 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2019-05-04 07:11 - 2019-05-04 07:11 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiag.exe
2019-05-04 07:11 - 2019-05-04 07:11 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000280592 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000263576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2019-05-04 07:11 - 2019-05-04 07:11 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2019-05-04 07:11 - 2019-05-04 07:11 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2019-05-04 07:11 - 2019-05-04 07:11 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000157200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000122680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-05-04 07:11 - 2019-05-04 07:11 - 000086960 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-05-04 07:11 - 2019-05-04 07:11 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-05-04 07:11 - 2019-05-04 07:11 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2019-04-23 19:08 - 2019-04-23 19:29 - 000000000 ____D C:\Users\RSlos\AppData\Roaming\CrystalIdea Software

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-20 17:34 - 2018-12-22 21:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-20 17:34 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-20 16:45 - 2018-12-22 21:12 - 001693636 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-20 16:45 - 2018-09-15 19:32 - 000716776 _____ C:\WINDOWS\system32\perfh005.dat
2019-05-20 16:45 - 2018-09-15 19:32 - 000144856 _____ C:\WINDOWS\system32\perfc005.dat
2019-05-20 16:45 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-05-20 16:41 - 2018-09-28 13:02 - 000000000 ____D C:\Users\RSlos\AppData\LocalLow\Mozilla
2019-05-20 16:40 - 2018-12-22 21:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-20 16:40 - 2018-09-28 07:13 - 000000000 ____D C:\ProgramData\NVIDIA
2019-05-20 16:39 - 2018-09-15 08:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-05-19 09:49 - 2018-09-28 07:08 - 000000000 ____D C:\Users\RSlos\AppData\Local\Packages
2019-05-19 08:50 - 2019-02-28 17:53 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-05-18 10:04 - 2018-12-22 21:01 - 000415496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-05-18 08:45 - 2018-09-15 09:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-05-18 08:45 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-05-18 07:38 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-18 07:35 - 2018-09-28 14:50 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-16 07:34 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-05-16 07:33 - 2018-12-22 21:08 - 000004200 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-05-15 16:04 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-15 16:04 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-15 12:09 - 2018-09-28 07:37 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-05-15 12:07 - 2018-09-28 07:37 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-14 18:23 - 2018-09-28 13:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-05-14 18:21 - 2018-09-28 14:49 - 000000000 ____D C:\Users\RSlos\AppData\Local\Adobe
2019-05-14 16:53 - 2018-12-22 21:08 - 000004638 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-05-14 16:53 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-05-14 16:53 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-05-13 23:23 - 2018-09-15 09:36 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-13 23:23 - 2018-09-15 09:36 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-13 16:57 - 2018-09-28 22:45 - 000000000 ____D C:\ProgramData\Origin
2019-05-13 16:15 - 2018-09-28 22:45 - 000000000 ____D C:\Users\RSlos\AppData\Roaming\Origin
2019-05-12 15:21 - 2018-09-28 20:55 - 000000000 ____D C:\Users\RSlos\AppData\Roaming\Mp3tag
2019-05-09 14:27 - 2018-09-28 13:02 - 000001011 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-05-08 16:01 - 2018-09-28 23:12 - 000000839 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2019-05-04 17:36 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\TextInput
2019-05-04 17:36 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-04-27 09:43 - 2018-09-28 14:39 - 000000000 ____D C:\Users\RSlos\AppData\Roaming\audacity
2019-04-23 18:53 - 2018-12-16 11:39 - 000000000 ____D C:\Users\RSlos\Documents\záloha registrů
2019-04-23 15:56 - 2018-09-28 08:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Files in the root of some directories =======

2019-02-10 13:57 - 2019-02-10 14:06 - 000021368 _____ (Schneider Electric) C:\Users\RSlos\en_res.dll
2019-02-10 13:57 - 2019-02-10 14:06 - 000021368 _____ (Schneider Electric) C:\Users\RSlos\es_res.dll
2019-02-10 13:57 - 2019-02-10 14:06 - 000021880 _____ (Schneider Electric) C:\Users\RSlos\fr_res.dll
2019-02-10 13:57 - 2019-02-10 14:06 - 000021880 _____ (Schneider Electric) C:\Users\RSlos\grm_res.dll
2019-02-10 13:57 - 2019-02-10 14:06 - 000021368 _____ (Schneider Electric) C:\Users\RSlos\it_res.dll
2019-02-10 13:57 - 2019-02-10 14:06 - 000020344 _____ (Schneider Electric) C:\Users\RSlos\jp_res.dll
2019-02-10 13:57 - 2019-02-10 14:06 - 001079808 _____ (Microsoft Corporation) C:\Users\RSlos\mfc80u.dll
2019-02-10 13:57 - 2019-02-10 14:06 - 000626688 _____ (Microsoft Corporation) C:\Users\RSlos\msvcr80.dll
2019-02-10 13:57 - 2019-02-10 14:06 - 013923704 _____ (Schneider Electric) C:\Users\RSlos\PCPE Setup.exe
2019-02-10 13:57 - 2019-02-10 14:06 - 000021368 _____ (Schneider Electric) C:\Users\RSlos\pt_res.dll
2019-02-10 13:57 - 2019-02-10 14:06 - 000018808 _____ () C:\Users\RSlos\ResourceReader.dll
2019-02-10 13:57 - 2019-02-10 14:06 - 000020856 _____ (Schneider Electric) C:\Users\RSlos\ru_res.dll
2019-02-10 13:57 - 2019-02-10 14:06 - 000019832 _____ (Schneider Electric) C:\Users\RSlos\zh_res.dll
2018-09-29 00:40 - 2018-09-29 01:52 - 000000416 _____ () C:\Users\RSlos\AppData\Roaming\RADOVAN.MTBF.txt
2018-10-27 15:13 - 2018-12-27 18:13 - 000004608 _____ () C:\Users\RSlos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-12-22 14:26 - 2018-12-22 14:26 - 000000001 _____ () C:\Users\RSlos\AppData\Local\llftool.4.40.agreement
2018-09-28 11:04 - 2018-09-28 11:04 - 000000017 _____ () C:\Users\RSlos\AppData\Local\resmon.resmoncfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05.2019
Ran by RSlos (20-05-2019 17:41:17)
Running from D:\Downloads
Windows 10 Home Version 1809 17763.503 (X64) (2018-12-22 19:08:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1484243458-1922150109-371872183-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1484243458-1922150109-371872183-503 - Limited - Disabled)
Guest (S-1-5-21-1484243458-1922150109-371872183-501 - Limited - Disabled)
RSlos (S-1-5-21-1484243458-1922150109-371872183-1001 - Administrator - Enabled) => C:\Users\RSlos
WDAGUtilityAccount (S-1-5-21-1484243458-1922150109-371872183-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.06 (x64) (HKLM\...\7-Zip) (Version: 18.06 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.192 - Adobe)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_STANDARD_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_STANDARD_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_STANDARD_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ANT Drivers Installer x64 (HKLM\...\{15DDA7AF-3E5C-49CC-B57C-8926F09405A6}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Assassins Creed IV Black Flag (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )
Audacity 2.2.1 (HKLM-x32\...\Audacity_is1) (Version: 2.2.1 - Audacity Team)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
calibre (HKLM-x32\...\{CF5F9723-E951-4080-BF78-7263A1C9C396}) (Version: 3.32.0 - Kovid Goyal)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon MG3200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series) (Version: 1.01 - Canon Inc.)
Canon MG3200 series On-screen Manual (HKLM-x32\...\Canon MG3200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
Car Mechanic Simulator 2014.v 1.0.6.0 (HKLM-x32\...\Car Mechanic Simulator 2014.v 1.0.6.0_is1) (Version: Car Mechanic Simulator 2014.v 1.0.6.0 - Repack by Fenixx (07.02.2014))
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
Creative Pack Volume 1 (HKLM\...\{997BE27F-A97F-4EF4-B841-D20ABF1CD6DC}) (Version: 4.0.0 - Corel Corporation)
Dazzle Video Capture DVC100 X64 Driver 1.08 (HKLM-x32\...\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}) (Version: 1.08.0000 - Pinnacle)
Elevated Installer (HKLM-x32\...\{68D32366-4505-43D2-A1F5-EF4B645207D6}) (Version: 6.10.0.0 - Garmin Ltd or its subsidiaries) Hidden
FastShare.cz verze 2.3.1 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.3.1 - )
FormatFactory 4.3.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.3.0.0 - Free Time)
Garmin Express (HKLM-x32\...\{21a6db39-b3c0-447d-85d7-39dcf1703e3e}) (Version: 6.10.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{73CA3D46-6F24-43AA-ABE9-15341B96FF53}) (Version: 6.10.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin POI Loader (HKLM-x32\...\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Hollywood FX Volumes 1-3 (HKLM\...\{48C2040D-B49F-4B4D-AE4A-0DCED3305692}) (Version: 3.0 - Corel Corporation)
iZotope Music & Speech Cleaner (HKLM-x32\...\iZotope Music & Speech Cleaner_is1) (Version: 1.00 - iZotope, Inc.)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Mozilla Firefox 66.0.5 (x64 cs) (HKLM\...\Mozilla Firefox 66.0.5 (x64 cs)) (Version: 66.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.2 - Mozilla)
Mp3tag v2.73 (HKLM-x32\...\Mp3tag) (Version: v2.73 - Florian Heidenreich)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
MyHarmony (HKLM-x32\...\{2AD8F8A1-ECE5-4890-BCC2-B4396370A0D4}) (Version: 1.0.308 - Logitech)
NewBlue Effects (HKLM\...\{C68BAB1A-C7DF-4D81-83FC-981B31921924}) (Version: 2.1.0 - Corel Corporation)
NVIDIA Ovladač 3D Vision 399.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 399.24 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 399.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 399.24 - NVIDIA Corporation)
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.38.25027 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 399.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 399.24 - NVIDIA Corporation) Hidden
PDF24 Creator 8.6.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDF-XChange Editor (HKLM\...\{D0B4B563-918D-42CE-8ADF-1E1549A7DCF9}) (Version: 7.0.324.3 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{e63a1903-34cf-4f96-90f3-fb0c70694630}) (Version: 7.0.324.3 - Tracker Software Products (Canada) Ltd.)
Pinnacle MyDVD (HKLM-x32\...\{9E90B657-D5B4-40C0-AE05-B29DED063494}) (Version: 1.0.112 - Název společnosti:) Hidden
Pinnacle MyDVD (HKLM-x32\...\{E6D07A42-38B7-4AAF-A857-2DF7177244D7}) (Version: 1.0 - Pinnacle)
Pinnacle Studio 19 - Install Manager (HKLM\...\{891ED714-E54D-4BE1-8DE8-4EE54D9BB402}) (Version: 19.1.245 - Corel Corporation)
Pinnacle Studio 19 - Standard Content Pack (HKLM\...\{91D1B712-604F-49C8-943F-FD257D647161}) (Version: 19.1 - Corel Corporation)
Pinnacle Studio 19 (HKLM\...\{CF91A83C-B84F-43CE-BCCE-7247E6137173}) (Version: 19.1.3.320 - Corel Corporation)
PowerChute Personal Edition 3.0.2 (HKLM-x32\...\{8ED262EE-FC73-47A9-BB86-D92223246881}) (Version: 3.0.2 - Schneider Electric)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Registrace uživatele zařízení Canon MG3200 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG3200 series) (Version: - Canon Inc.‎)
ScoreFitter Volumes 1-2 (HKLM\...\{5CA29919-6361-4A17-91C5-6819E43794B1}) (Version: 3.0 - Corel Corporation)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.51.77.1020 - Electronic Arts Inc.)
Title Extreme (HKLM\...\{3B519225-B4B2-40B7-A431-3C6AAE2831B4}) (Version: 3.0 - Corel Corporation)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: - ZONER software)

Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.521.0_x64__rz1tebttyb220 [2019-03-12] (Dolby Laboratories)
Messenger -> C:\Program Files\WindowsApps\Facebook.317180B0BB486_196.2292.59195.0_x86__8xx8rvfyw5nnt [2019-05-15] (Facebook Inc)
Photo Editor | Polarr -> C:\Program Files\WindowsApps\613EBCEA.PolarrPhotoEditorAcademicEdition_5.4.18.0_x64__jb41c8remg0x2 [2019-05-04] (Polarr)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programs\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => D:\Programs\Mp3tag\Mp3tagShell64.dll [2015-12-19] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => D:\Programs\PDF-XChange Editor\Shell Extensions\XCShellMenu.x64.dll [2018-02-27] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => D:\Programs\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programs\WinRAR\rarext64.dll [2005-06-07] () [File not signed]
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => D:\Programs\Mp3tag\Mp3tagShell64.dll [2015-12-19] (Florian Heidenreich) [File not signed]
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => D:\Programs\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => D:\Programs\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programs\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => D:\Programs\Mp3tag\Mp3tagShell64.dll [2015-12-19] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programs\WinRAR\rarext64.dll [2005-06-07] () [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programs\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => D:\Programs\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programs\WinRAR\rarext64.dll [2005-06-07] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-09-28 21:11 - 2012-03-28 19:01 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2019-01-26 19:38 - 2018-12-30 09:00 - 000077824 _____ (Igor Pavlov) [File not signed] D:\Programs\7-Zip\7-zip.dll
2012-01-24 17:03 - 2012-01-24 17:03 - 001921024 _____ (Schneider Electric) [File not signed] D:\Programs\APC\PowerChute Personal Edition\res.dll

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1484243458-1922150109-371872183-1001\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2017-03-18 23:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1484243458-1922150109-371872183-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\RSlos\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\IMG-20180505-WA0030.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\StartupFolder: => "$McRebootA5E6DEAA56$.lnk"
HKLM\...\StartupApproved\StartupFolder: => "APC UPS Status.lnk"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKLM\...\StartupApproved\Run32: => "Display"
HKU\S-1-5-21-1484243458-1922150109-371872183-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-1484243458-1922150109-371872183-1001\...\StartupApproved\Run: => "Zoner Photo Studio Service 16"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{80675DA5-6747-4DC9-A230-E120A87092EA}] => (Allow) D:\Hry\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{7E4C7482-E2F4-45F0-860C-8FB6A69BEF01}] => (Allow) D:\Hry\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{B017BFFD-FCFA-43B6-9BC8-6F47FD9B5651}] => (Allow) D:\Hry\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{882338E3-6B10-4539-9956-54153D924A43}] => (Allow) D:\Hry\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{E10EECFB-2DC5-40E6-B316-636E64F546EC}] => (Allow) D:\Programs\Pinnacle Studio 19\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{10E3D450-CBFC-487C-99F6-36A62AA94E90}] => (Allow) D:\Programs\Pinnacle Studio 19\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{F0700937-AFD7-460D-9AF0-2766FE638350}] => (Allow) D:\Programs\Pinnacle Studio 19\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{DEAF6521-CB8D-499B-948A-471031A5FB9E}] => (Allow) D:\Programs\Pinnacle Studio 19\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{32A79222-5A48-4CA1-85BE-BC1FDD5B8A9E}] => (Allow) D:\Programs\Pinnacle Studio 19\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{D8450EC6-39D7-4FCC-B65B-6FC89ED4A22F}] => (Allow) D:\Programs\Pinnacle Studio 19\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{FFF83890-E045-472C-9786-CC2714E27885}] => (Allow) D:\Programs\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{5D981017-F913-4CE0-BE96-EAC4119A74D9}] => (Allow) D:\Programs\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{2B563D5A-0A78-4597-BB1C-4A5A75A7E2C3}] => (Allow) D:\Programs\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{D41DAE36-B9BD-4D0A-A231-7052BAF74399}] => (Allow) D:\Programs\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{9BB119B3-17CC-4871-A062-F8B5D96C2A8A}] => (Allow) D:\Programs\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{16CA10C9-5EF9-480C-8E3F-FF62BA38C270}] => (Allow) D:\Programs\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D301D2B7-CF4A-4CA0-9926-C861FE0C8DF1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{98EAEEB5-9C09-4E33-B1E4-7DF63E72220F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B0320090-890D-410B-8D98-1DEB366C11C6}] => (Allow) D:\Programs\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{8CB7840B-A404-4A4C-870C-3E919F1DFE30}] => (Allow) D:\Programs\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{9EDF947F-13BF-43E4-9BE7-495F62E8A6BC}D:\programs\myphoneexplorer\myphoneexplorer portable.exe] => (Allow) D:\programs\myphoneexplorer\myphoneexplorer portable.exe (F.J. Wechselberger) [File not signed]
FirewallRules: [UDP Query User{040733F0-F5C2-4AF8-BE47-D4CC43B11398}D:\programs\myphoneexplorer\myphoneexplorer portable.exe] => (Allow) D:\programs\myphoneexplorer\myphoneexplorer portable.exe (F.J. Wechselberger) [File not signed]
FirewallRules: [{56D7B120-BB0C-4375-BA6F-5E3382887FD6}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Massive -> )
FirewallRules: [{45892470-C855-4931-BCA8-68F7F1AC0E66}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Massive -> )
FirewallRules: [{C8B4063E-D335-4704-92AA-A15BB09AD3A5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{8217AB0E-1C5B-40E0-BB0C-8D575549B745}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{E4A32F8A-BA32-49F5-BF6C-3F80723BF014}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{E9AF68CD-B28C-4EBD-B851-BA085DD8AA3D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{7E687A41-AD06-448A-BAFC-70AB26C7B8D3}D:\downloads\10.dočasné\torrent 2.2.1\utorrent.exe] => (Allow) D:\downloads\10.dočasné\torrent 2.2.1\utorrent.exe No File
FirewallRules: [UDP Query User{DA28E2DE-05B3-4718-9C14-78EE3D948CCE}D:\downloads\10.dočasné\torrent 2.2.1\utorrent.exe] => (Allow) D:\downloads\10.dočasné\torrent 2.2.1\utorrent.exe No File
FirewallRules: [TCP Query User{14224BCA-7486-4C3D-8BB2-61AEA895FA06}C:\users\rslos\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\rslos\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [UDP Query User{DCF64B1C-1F2A-42FF-A54D-23457317C051}C:\users\rslos\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\rslos\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [{57BBC33C-3E2D-4142-95B4-1CD106A5ED3E}] => (Allow) D:\Hry\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{D471FDDE-8689-4C42-A013-DBB483C584D0}] => (Allow) D:\Hry\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{6474EDA5-EDB5-4838-8268-3905509049AF}] => (Allow) D:\Hry\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{CC5085C9-7E07-4491-A7D8-6C59C36DDDF1}] => (Allow) D:\Hry\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)

==================== Restore Points =========================

04-05-2019 07:07:34 Windows Update
08-05-2019 16:01:34 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
08-05-2019 16:01:45 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
15-05-2019 12:06:35 Windows Update

==================== Faulty Device Manager Devices =============

Name: Multimediální video adaptér
Description: Multimediální video adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Multimediální adaptér
Description: Multimediální adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Multimediální adaptér
Description: Multimediální adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/20/2019 04:40:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_stisvc, verze: 10.0.17763.1, časové razítko: 0xb900eeff
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000009b00000001
ID chybujícího procesu: 0xd54
Čas spuštění chybující aplikace: 0x01d50f19f4ef0aff
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 517cf1f9-625f-43a8-b4c9-4cd0b528830c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/20/2019 09:26:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 66.0.5.7066, časové razítko: 0x5cd0edd5
Název chybujícího modulu: MSVCP140.dll, verze: 14.0.24212.0, časové razítko: 0x578691fe
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000034e5c
ID chybujícího procesu: 0x734
Čas spuštění chybující aplikace: 0x01d50ec06e1286c1
Cesta k chybující aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\MSVCP140.dll
ID zprávy: 8fa53887-2dc9-4077-b7e5-f4052139c6dd
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/18/2019 10:04:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_stisvc, verze: 10.0.17763.1, časové razítko: 0xb900eeff
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000009b00000001
ID chybujícího procesu: 0xd54
Čas spuštění chybující aplikace: 0x01d50d505a4eb037
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: e44018ce-e650-4b1e-aced-207aa539f8b9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/18/2019 07:35:13 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro D:\Programs\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.475_none_05b43ca607202c6c.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.475_none_4d61737d1b9c5572.manifest.

Error: (05/15/2019 03:49:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_stisvc, verze: 10.0.17763.1, časové razítko: 0xb900eeff
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000009b00000001
ID chybujícího procesu: 0xd00
Čas spuštění chybující aplikace: 0x01d50b24f6b424e8
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: f0d4e894-1953-4470-b1cb-d9317ed74d8a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/15/2019 12:03:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_stisvc, verze: 10.0.17763.1, časové razítko: 0xb900eeff
Název chybujícího modulu: ntdll.dll, verze: 10.0.17763.475, časové razítko: 0x3230aa04
Kód výjimky: 0xc0000008
Posun chyby: 0x00000000000a356a
ID chybujícího procesu: 0xd80
Čas spuštění chybující aplikace: 0x01d50a7168eddcd3
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: bb409198-3118-489f-9df8-cf9edcea4d15
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/10/2019 03:13:33 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program Firefox.

Program: Firefox
Soubor:

Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.

Další údaje
Hodnota chyby: 00000000
Typ disku: 0

Error: (05/10/2019 03:13:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 66.0.5.7066, časové razítko: 0x5cd0edd5
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc000001d
Posun chyby: 0x000003f4c90b53ab
ID chybujícího procesu: 0x20fc
Čas spuštění chybující aplikace: 0x01d507308a6af366
Cesta k chybující aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 3d168a40-5fb8-46e0-9685-c7b28dd672a3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (05/20/2019 05:36:30 PM) (Source: DCOM) (EventID: 10016) (User: RADOVAN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli RADOVAN\RSlos (SID: S-1-5-21-1484243458-1922150109-371872183-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/20/2019 05:36:30 PM) (Source: DCOM) (EventID: 10016) (User: RADOVAN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli RADOVAN\RSlos (SID: S-1-5-21-1484243458-1922150109-371872183-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/20/2019 05:07:04 PM) (Source: DCOM) (EventID: 10016) (User: RADOVAN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli RADOVAN\RSlos (SID: S-1-5-21-1484243458-1922150109-371872183-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/20/2019 05:07:03 PM) (Source: DCOM) (EventID: 10016) (User: RADOVAN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli RADOVAN\RSlos (SID: S-1-5-21-1484243458-1922150109-371872183-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/20/2019 04:59:35 PM) (Source: DCOM) (EventID: 10016) (User: RADOVAN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli RADOVAN\RSlos (SID: S-1-5-21-1484243458-1922150109-371872183-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/20/2019 04:59:35 PM) (Source: DCOM) (EventID: 10016) (User: RADOVAN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli RADOVAN\RSlos (SID: S-1-5-21-1484243458-1922150109-371872183-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/20/2019 04:50:03 PM) (Source: DCOM) (EventID: 10016) (User: RADOVAN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli RADOVAN\RSlos (SID: S-1-5-21-1484243458-1922150109-371872183-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/20/2019 04:49:55 PM) (Source: DCOM) (EventID: 10016) (User: RADOVAN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli RADOVAN\RSlos (SID: S-1-5-21-1484243458-1922150109-371872183-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2019-05-18 10:24:21.764
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {BB259B0E-953F-435A-8D38-1DBD8F2153F9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-05-15 19:01:35.214
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {3EE9B32C-52FC-4B32-B9FA-2013CF16ADA5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-05-10 09:05:36.882
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4933C16D-E095-4BD6-8930-24EE303BFA0A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-05-06 17:09:31.809
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {3C8C1B35-5846-4FF1-AF5B-D69860720427}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-05-06 13:36:13.153
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B4A1925D-9992-4CE2-AE54-1DC3935317FC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-05-02 14:15:39.294
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.293.527.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x80070643
Popis chyby :Při instalaci došlo k závažné chybě.

Date: 2019-05-02 14:15:37.275
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 1.293.664.0
Předchozí verze podpisu: 1.293.527.0
Zdroj aktualizace: Uživatel
Typ podpisu: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.15900.4
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x8050a004
Popis chyby :Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.

Date: 2019-05-02 14:15:37.275
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 1.293.664.0
Předchozí verze podpisu: 1.293.527.0
Zdroj aktualizace: Uživatel
Typ podpisu: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.15900.4
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x8050a004
Popis chyby :Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.

Date: 2019-04-14 15:03:51.543
Description:
Modul programu Antivirová ochrana v programu Windows Defender byl ukončen v důsledku neočekávané chyby.
Typ chyby: Chyba
Kód výjimky: 0xc0000005
Zdroj:

Date: 2019-03-30 17:04:50.165
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.291.649.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15800.1
Kód chyby: 0x80070643
Popis chyby :Při instalaci došlo k závažné chybě.

CodeIntegrity:
===================================

Date: 2019-04-14 15:04:04.297
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-04-14 15:04:04.284
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-04-14 15:04:04.202
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-04-14 15:04:04.189
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-04-14 15:04:04.172
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-04-14 15:04:04.155
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-04-14 15:04:03.458
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-04-14 15:04:03.419
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: Award Software International, Inc. FH 06/24/2010
Motherboard: Gigabyte Technology Co., Ltd. P55-US3L
Processor: Intel(R) Core(TM) i5 CPU 760 @ 2.80GHz
Percentage of memory in use: 32%
Total physical RAM: 8183.49 MB
Available physical RAM: 5558.79 MB
Total Virtual: 9463.49 MB
Available Virtual: 5830.39 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:231.93 GB) (Free:176.81 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:483.63 GB) NTFS

\\?\Volume{bce5a315-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{bce5a315-0000-0000-0000-a01a3a000000}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 856E1FCF)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: BCE5A315)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=479 MB) - (Type=27)

==================== End of Addition.txt ============================

Autor:  Rudy [ 20 kvě 2019 17:08 ]
Předmět příspěvku:  Re: nejde se zbavit Ad-Aware SecureSearch

Otevřte poznámkový blok a zkopírujte do něj:

Citace:
Start

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
FF NewTab: Mozilla\Firefox\Profiles\138eebmm.default -> hxxp://securedsearch.lavasoft.com/?pr=v ... 20__190423
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
FirewallRules: [TCP Query User{7E687A41-AD06-448A-BAFC-70AB26C7B8D3}D:\downloads\10.dočasné\torrent 2.2.1\utorrent.exe] => (Allow) D:\downloads\10.dočasné\torrent 2.2.1\utorrent.exe No File
FirewallRules: [UDP Query User{DA28E2DE-05B3-4718-9C14-78EE3D948CCE}D:\downloads\10.dočasné\torrent 2.2.1\utorrent.exe] => (Allow) D:\downloads\10.dočasné\torrent 2.2.1\utorrent.exe No File
FirewallRules: [TCP Query User{14224BCA-7486-4C3D-8BB2-61AEA895FA06}C:\users\rslos\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\rslos\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [UDP Query User{DCF64B1C-1F2A-42FF-A54D-23457317C051}C:\users\rslos\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\rslos\appdata\roaming\utorrent\utorrent.exe No File

EmptyTemp:
End


Uložte do D:\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Autor:  pasik68 [ 20 kvě 2019 17:41 ]
Předmět příspěvku:  Re: nejde se zbavit Ad-Aware SecureSearch

Fix result of Farbar Recovery Scan Tool (x64) Version: 19-05.2019
Ran by RSlos (20-05-2019 18:31:08) Run:1
Running from D:\Downloads
Loaded Profiles: RSlos (Available Profiles: RSlos)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
FF NewTab: Mozilla\Firefox\Profiles\138eebmm.default -> hxxp://securedsearch.lavasoft.com/?pr=v ... 20__190423
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
FirewallRules: [TCP Query User{7E687A41-AD06-448A-BAFC-70AB26C7B8D3}D:\downloads\10.do�asn�\torrent 2.2.1\utorrent.exe] => (Allow) D:\downloads\10.do�asn�\torrent 2.2.1\utorrent.exe No File
FirewallRules: [UDP Query User{DA28E2DE-05B3-4718-9C14-78EE3D948CCE}D:\downloads\10.do�asn�\torrent 2.2.1\utorrent.exe] => (Allow) D:\downloads\10.do�asn�\torrent 2.2.1\utorrent.exe No File
FirewallRules: [TCP Query User{14224BCA-7486-4C3D-8BB2-61AEA895FA06}C:\users\rslos\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\rslos\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [UDP Query User{DCF64B1C-1F2A-42FF-A54D-23457317C051}C:\users\rslos\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\rslos\appdata\roaming\utorrent\utorrent.exe No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"Firefox newtab" => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7E687A41-AD06-448A-BAFC-70AB26C7B8D3}D:\downloads\10.do�asn�\torrent 2.2.1\utorrent.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DA28E2DE-05B3-4718-9C14-78EE3D948CCE}D:\downloads\10.do�asn�\torrent 2.2.1\utorrent.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{14224BCA-7486-4C3D-8BB2-61AEA895FA06}C:\users\rslos\appdata\roaming\utorrent\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DCF64B1C-1F2A-42FF-A54D-23457317C051}C:\users\rslos\appdata\roaming\utorrent\utorrent.exe" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 7364608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 105766017 B
Java, Flash, Steam htmlcache => 15588658 B
Windows/system/drivers => 317233 B
Edge => 132936 B
Chrome => 0 B
Firefox => 20510693 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 7112 B
NetworkService => 0 B
RSlos => 13081343 B

RecycleBin => 0 B
EmptyTemp: => 155.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:32:22 ====

Autor:  Rudy [ 20 kvě 2019 18:03 ]
Předmět příspěvku:  Re: nejde se zbavit Ad-Aware SecureSearch

Smazáno. Nastala nějaká změna?

Autor:  pasik68 [ 20 kvě 2019 18:28 ]
Předmět příspěvku:  Re: nejde se zbavit Ad-Aware SecureSearch

Pořád to samé.

Příloha:
20171101_162516.jpg
20171101_162516.jpg [ 17.46 KiB | Zobrazeno 332 krát ]

Pořád to samé.

Autor:  Rudy [ 20 kvě 2019 19:04 ]
Předmět příspěvku:  Re: nejde se zbavit Ad-Aware SecureSearch

Zkusíme vyčistit prohlížeče. Spusťte postupně tyto utilty:

1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize





Citace:
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;






Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

Autor:  pasik68 [ 20 kvě 2019 19:43 ]
Předmět příspěvku:  Re: nejde se zbavit Ad-Aware SecureSearch

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by RSlos on 20.05.2019 at 20:08:17,30.
Microsoft Windows 10 Home 10.0.17763 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\RSlos\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

20.05.2019 20:09:29 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\Pegasus Imaging deleted successfully
C:\PROGRA~3\Babylon deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\RSlos\AppData\Roaming\CrystalIdea Software deleted successfully
C:\Users\RSlos\AppData\Roaming\Logitech deleted successfully
C:\Users\RSlos\AppData\Roaming\MPC-HC deleted successfully
C:\Users\RSlos\AppData\Local\CrashDumps deleted successfully
C:\Users\RSlos\AppData\Local\DBG deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\DBG deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\DBG deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\RSlos\AppData\Roaming\Mozilla\Firefox\Profiles\138eebmm.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz/");
user_pref("browser.search.defaultenginename", "Default Search Engine");
user_pref("browser.search.selectedEngine", "Default Search Engine");

Added to C:\Users\RSlos\AppData\Roaming\Mozilla\Firefox\Profiles\138eebmm.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\RSlos\AppData\Roaming\Mozilla\Firefox\Profiles\138eebmm.default

user.js not found
---- Lines Search removed from prefs.js ----
user_pref("browser.search.hiddenOneOffs", "Default Search Engine,DuckDuckGo,Heureka,Mapy.cz,Wikipedie (cs)");
---- Lines securedsearch removed from prefs.js ----
user_pref("browser.newtabpage.url", "http://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10420__190423");
---- Lines searchengine removed from prefs.js ----
user_pref("browser.pageActions.persistedActions", "{\"version\":1,\"ids\":[\"bookmark\",\"bookmarkSeparator\",\"copyURL\",\"emailLink\",\"addSearchEng
---- FireFox user.js and prefs.js backups ----

prefs__2025_.backup

==== Deleting Files \ Folders ======================

C:\Users\RSlos\AppData\Roaming\calibre deleted
C:\Users\RSlos\.android deleted
C:\Users\RSlos\AppData\Roaming\RADOVAN.MTBF.txt deleted
C:\Users\RSlos\AppData\Roaming\Babylon deleted
C:\Users\RSlos\en_res.dll deleted
C:\Users\RSlos\es_res.dll deleted
C:\Users\RSlos\fr_res.dll deleted
C:\Users\RSlos\grm_res.dll deleted
C:\Users\RSlos\it_res.dll deleted
C:\Users\RSlos\jp_res.dll deleted
C:\Users\RSlos\mfc80u.dll deleted
C:\Users\RSlos\msvcr80.dll deleted
C:\Users\RSlos\pt_res.dll deleted
C:\Users\RSlos\ResourceReader.dll deleted
C:\Users\RSlos\ru_res.dll deleted
C:\Users\RSlos\zh_res.dll deleted
C:\PROGRA~3\Package Cache deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM2953.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM2C893.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM2F2A7.tmp deleted
C:\Users\RSlos\Documents\Add-in Express deleted
C:\Users\RSlos\PCPE Setup.exe deleted
"C:\Users\RSlos\AppData\Roaming\Mozilla\Firefox\Profiles\138eebmm.default\searchplugins\yahoo.xml" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\RSlos\AppData\Roaming\Mozilla\Firefox\Profiles\138eebmm.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\RSlos\AppData\Roaming\Mozilla\Firefox\Profiles\138eebmm.default
- Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\RSlos\AppData\Roaming\Mozilla\Firefox\Profiles\138eebmm.default
- C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_192.dll - [?]
- C:\Program Files x86\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll - [?]
- C:\Program Files x86\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll - [?]
C08AC183933D8FFD9BB7AB1AFB948B67 - D:\Programs\PDF-XChange Editor\PDF Editor\npPDFXEditPlugin.x64.dll - PDF-XChange Editor
02393A25A2191135268AD56817EC6ACD - D:\Programs\PDF-XChange Editor\PDF Editor\npPDFXEditPlugin.x86.dll - PDF-XChange Editor


==== Chromium Look ======================


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Reset Google Chrome ======================

Nothing found to reset

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\RSlos\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\RSlos\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\RSlos\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\RSlos\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\RSlos\AppData\Local\Mozilla\Firefox\Profiles\138eebmm.default\cache2 emptied successfully

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=90 folders=44 293709114 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\RSlos\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\RSlos\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 20.05.2019 at 20:31:29,04 ======================

Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by RSlos (Administrator) on 20.05.2019 at 20:41:10,25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0


Deleted the following from C:\Users\RSlos\AppData\Roaming\Mozilla\Firefox\Profiles\138eebmm.default\prefs.js
user_pref(browser.newtabpage.url, hxxp://securedsearch.lavasoft.com/?pr=v ... 20__190423);



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.05.2019 at 20:42:06,33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Autor:  Rudy [ 20 kvě 2019 20:02 ]
Předmět příspěvku:  Re: nejde se zbavit Ad-Aware SecureSearch

OK. Nastala nějaká změna?

Autor:  pasik68 [ 20 kvě 2019 20:06 ]
Předmět příspěvku:  Re: nejde se zbavit Ad-Aware SecureSearch

Bohužel pořád to samé.

Autor:  Rudy [ 20 kvě 2019 20:14 ]
Předmět příspěvku:  Re: nejde se zbavit Ad-Aware SecureSearch

V kterém prohlížeči se to děje?

Autor:  pasik68 [ 20 kvě 2019 20:14 ]
Předmět příspěvku:  Re: nejde se zbavit Ad-Aware SecureSearch

Firefox

Stránka 1 z 2 Všechny časy jsou v UTC + 1 hodina
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/