Russian-language sounds in Mozilla, hand icon instead of the normal cursor

asanakis
Visitor
Posts: 15
Registered: 11 Oct 2013 19:06

#1 Post by asanakis »

Greetings. Unfortunately, I ended up installing some Russian virus on my PC. At first it showed up as a Russian home page and search engine in Mozilla. I tried to remove everything, but unfortunately I found that it still persists. At the moment it shows up as some sounds in Russian playing in Mozilla; in addition, instead of the cursor I have a hand, as if the whole web page were a link, and at the same time I found that my antivirus updates are blocked, as is access to the websites of companies that provide antivirus software. Below I am pasting the FRST log and Addition.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-07-2019
Ran by Kuba (administrator) on DESKTOP-55V176A (14-07-2019 13:30:33)
Running from C:\Users\Kuba\Desktop
Loaded Profiles: Kuba (Available Profiles: Kuba)
Platform: Windows 10 Home Version 1803 17134.829 (X64) Language: Angličtina (Spojené státy)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Kuba\AppData\Roaming\BitTorrent\BitTorrent.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Kuba\AppData\Roaming\BitTorrent\updates\7.10.5_44995\bittorrentie.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Kuba\AppData\Roaming\BitTorrent\updates\7.10.5_44995\bittorrentie.exe
(Finkit d.o.o. -> Finkit d.o.o.) C:\Program Files (x86)\ManicTime\ManicTime.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel(R) Network Platform Group -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Power Software Ltd) [File not signed] C:\Program Files\PowerISO\PWRISOVM.EXE
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16697352 2016-08-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [441856 2017-10-24] (Power Software Ltd) [File not signed]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\Run: [ManicTimeC34F57B2DA6E6758] => C:\Program Files (x86)\ManicTime\ManicTime.exe [63672 2019-06-17] (Finkit d.o.o. -> Finkit d.o.o.)
HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\MountPoints2: E - "E:\OriginSetup.exe"
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3642880 2016-05-08] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [309248 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3613696 2016-05-08] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\SysWOW64\xvidvfw.dll [282112 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2017-06-05]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1782044C-C742-4E1A-BC3F-DB3A132D6600} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {238DD95B-8D45-49EA-AD2E-BBA9A1F29FB3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {284BFDD5-7FA5-497C-9C97-4C5CDDB3A6FB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [702856 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3516C0D6-EEFD-4406-B42E-54949B379BE8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {5104CD04-F9D4-4F57-9B6B-AE8EC0728068} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-07] (Google Inc -> Google Inc.)
"C:\Windows\System32\Tasks\JSpPUlYEOjGQEpF" was unlocked. <==== ATTENTION
Task: {56EFE5B7-5C4A-4403-AF42-6304B13978D3} - System32\Tasks\JSpPUlYEOjGQEpF => rundll32 "C:\Program Files (x86)\rZdaClXBU\LsmDMy.dll",#1
Task: {57560BA3-C38A-4A1B-80C8-814D2BF58599} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-10] (Adobe Inc. -> Adobe)
Task: {67DA840C-4267-4FC8-B936-74E5F36E6686} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {6AA1EDCB-2767-4884-A595-B32A0D9033CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-07] (Google Inc -> Google Inc.)
Task: {6B202AE3-8316-4BEC-989B-E2C0B834802A} - System32\Tasks\Sk213Pl => C:\Users\Kuba\AppData\Roaming\prunld2619\he66988.exe [1387878 2019-07-04] ( ) [File not signed]
Task: {71CC0078-71F7-4DCF-AA10-20C7F7FE8D26} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {88405D1B-7C37-4D6E-A748-BF5F1F922196} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3724680 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {891E48C2-31EB-414E-A51D-B7E1797D0E06} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9795EE8A-72D7-496A-AA15-6A845C99638F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [572808 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9F7D1304-DBD5-4CA1-9690-C82FDE79763F} - System32\Tasks\{6BE2D576-CC33-4325-8D05-A810F469BAA3} => "c:\program files\mozilla firefox\firefox.exe" hxxps://www.skype.com/go/downloading?source=lig ... rror=12002
Task: {B63C38CE-60D1-493F-9E88-5F38DC45E094} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BBE30F16-7E68-43F8-9A03-29592B2D1407} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-55V176A-Kuba => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {BCED478B-29F2-4E77-9EF3-17BE4A6F9DB8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BF4AC2EB-77F6-40A6-97B7-26047A88705A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C168FFF2-9E7C-4F56-B144-CFA6782DADDE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {CD4A2399-557C-4346-A1A3-F73873CCC639} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-10] (Adobe Inc. -> Adobe)
Task: {D1DD627A-8E88-4FFF-AC36-5F4E769953A3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D32E4CC6-ED29-452F-BF57-03BCB2B621E3} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D392619F-7F16-4550-B45B-2F85ACA4BD32} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E25A968A-A18C-4F93-A271-636EBE002897} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3629324-793B-43ED-8117-D132778E0EE8} - System32\Tasks\{0046C361-ECFF-4833-98B5-885FE9C45E90} => "c:\program files\mozilla firefox\firefox.exe" hxxps://www.skype.com/go/downloading?source=lig ... tError=404

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{5f3f0318-8a6f-416f-af53-f72ca4578cfb}: [NameServer] 45.86.180.227,185.162.93.213,185.4.65.4,116.203.6.218,185.130.104.222,185.4.64.13
Tcpip\..\Interfaces\{5f3f0318-8a6f-416f-af53-f72ca4578cfb}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKU\S-1-5-21-3906236801-542463905-1627191007-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mail.ru/cnt/10445?gp=834423
SearchScopes: HKU\S-1-5-21-3906236801-542463905-1627191007-1001 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxps://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7BA224F9EF-1CCD-404F-81D0-DFB48F187956%7D&gp=811610
SearchScopes: HKU\S-1-5-21-3906236801-542463905-1627191007-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxps://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7BA224F9EF-1CCD-404F-81D0-DFB48F187956%7D&gp=811610
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-20] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/CZ/Core/Player/2020PlayerAX_IKEA_Win32.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2018-03-14] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: d8q5u490.default
FF ProfilePath: C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\d8q5u490.default [2019-07-14]
FF user.js: detected! => C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\d8q5u490.default\user.js [2019-07-10]
FF NewTabOverride: Mozilla\Firefox\Profiles\d8q5u490.default -> Enabled: {a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
FF Extension: (Google Translator for Firefox) - C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\d8q5u490.default\Extensions\translator@zoli.bod.xpi [2018-12-03]
FF Extension: (Mozilla Official) - C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\d8q5u490.default\Extensions\{14553439-2741-4e9d-b474-784f336f58c9} [2019-07-04] [not signed]
FF Extension: (No Name) - C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\d8q5u490.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-20]
FF Extension: (No Name) - C:\Program Files\Mozilla Firefox\browser\features\{E55C9A17-39B3-4F0A-9546-2E85FE620BE8}.xpi [2019-07-04] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-10] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-10] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR HomePage: Default -> inline.go.mail.ru
CHR StartupUrls: Default -> "hxxps://mail.ru/cnt/10445?gp=811610"
CHR NewTab: Default -> Active:"chrome-extension://beliehdniadoecbonbhlcgbdldccfigp/visual-bookmarks.html"
CHR DefaultSearchURL: Default -> hxxps://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B0CFACCC3-E582-425E-A0F2-21CE0194C35F%7D&gp=811610
CHR DefaultSearchKeyword: Default -> go.mail.ru
CHR DefaultSuggestURL: Default -> hxxps://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Profile: C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default [2019-07-04]
CHR Extension: (Prezentace) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-06]
CHR Extension: (Dokumenty) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-06]
CHR Extension: (Disk Google) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-06]
CHR Extension: (Пульс) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\beliehdniadoecbonbhlcgbdldccfigp [2019-07-04]
CHR Extension: (YouTube) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-06]
CHR Extension: (Adobe Acrobat) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-01-06]
CHR Extension: (Tabulky) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-06]
CHR Extension: (Adblocker pro Youtube™) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffpfiaecfobeadhikddakkmaapliokib [2019-07-04] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Dokumenty Google offline) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-01]
CHR Extension: (Mail.Ru) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\iepoegkaoeljnbhagabakjodgpfniimo [2019-07-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-21]
CHR Extension: (Gmail) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-06]
CHR Extension: (Chrome Media Router) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-01]
CHR HKLM-x32\...\Chrome\Extension: [beliehdniadoecbonbhlcgbdldccfigp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iepoegkaoeljnbhagabakjodgpfniimo] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11814232 2019-06-05] (TeamViewer GmbH -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\NisSrv.exe [2433136 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe [109896 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsrAppCharger; C:\WINDOWS\system32\DRIVERS\AsrAppCharger.sys [17192 2011-11-07] (ASROCK Incorporation -> Windows (R) Win 7 DDK provider)
R3 L6TPortA; C:\WINDOWS\System32\Drivers\L6TPortA64.sys [777728 2015-08-21] (Line 6 -> Line 6)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_54bd1f10ac116cd5\nvlddmkm.sys [20605496 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-01-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [452008 2019-04-07] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [337632 2019-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-06-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-14 13:30 - 2019-07-14 13:31 - 000029370 _____ C:\Users\Kuba\Desktop\FRST.txt
2019-07-14 13:29 - 2019-07-14 13:29 - 002095104 _____ (Farbar) C:\Users\Kuba\Desktop\FRST64.exe
2019-07-14 13:25 - 2019-07-14 13:25 - 000388608 _____ (Trend Micro Inc.) C:\Users\Kuba\Desktop\hijackthis.exe
2019-07-14 13:15 - 2019-07-14 13:15 - 004260984 _____ (ESET) C:\Users\Kuba\Desktop\A431714_eset_nod32_antivirus_live_installer.exe
2019-07-14 11:48 - 2019-07-14 13:24 - 000000000 ____D C:\Users\Kuba\AppData\LocalLow\BitTorrent
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\Users\Kuba\AppData\Local\Tempzxpsign8159335585e1f507
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\Users\Kuba\AppData\Local\Tempzxpsign0234540b49d298ce
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\Program Files\Red Giant
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\Program Files\Common Files\OFX
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\Program Files (x86)\Red Giant
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\Program Files (x86)\LooksBuilder
2019-07-04 15:15 - 2017-01-30 10:10 - 064336384 _____ (Red Giant LLC) C:\WINDOWS\system32\MBLooks4UI_x64.dll
2019-07-04 15:15 - 2016-12-01 15:43 - 014733824 _____ C:\WINDOWS\system32\UniChooser.dll
2019-07-04 15:15 - 2016-12-01 15:43 - 013148672 _____ (Red Giant Software) C:\WINDOWS\system32\Gpu_Shader_Engine_x64.dll
2019-07-04 15:15 - 2016-12-01 15:43 - 005528064 _____ (Noesis Technologies) C:\WINDOWS\system32\Noesis.dll
2019-07-04 14:51 - 2019-07-04 14:55 - 000000000 ____D C:\Program Files (x86)\MachinerData
2019-07-04 14:51 - 2019-07-04 14:51 - 000003278 _____ C:\WINDOWS\System32\Tasks\Sk213Pl
2019-07-04 14:51 - 2019-07-04 14:51 - 000002638 _____ C:\WINDOWS\System32\Tasks\JSpPUlYEOjGQEpF
2019-07-04 14:51 - 2019-07-04 14:51 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\prunld2619
2019-07-04 14:50 - 2019-07-04 15:02 - 000000000 ____D C:\Users\Kuba\AppData\Local\Mail.Ru
2019-07-04 14:50 - 2019-07-04 14:50 - 000000000 ____D C:\ProgramData\Mail.Ru
2019-07-04 14:48 - 2019-07-04 15:12 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2019-07-04 14:48 - 2019-07-04 14:48 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\WarThunder
2019-07-04 14:31 - 2019-07-04 14:31 - 000000000 ____D C:\Users\Kuba\AppData\Local\Tempzxpsignfb0572792069154b
2019-07-04 14:31 - 2019-07-04 14:31 - 000000000 ____D C:\Users\Kuba\AppData\Local\Tempzxpsignd687d5b42e9a3f5f
2019-06-29 16:48 - 2019-06-29 16:48 - 000000000 ____D C:\Users\Kuba\Desktop\InfranPlugin
2019-06-27 15:58 - 2019-06-27 15:58 - 000000133 _____ C:\Users\Kuba\Desktop\dr.m.txt
2019-06-27 15:44 - 2019-06-27 15:44 - 000000904 _____ C:\Users\Kuba\Desktop\Start Tor Browser.lnk
2019-06-27 15:43 - 2019-06-27 15:44 - 000000000 ____D C:\Users\Kuba\Desktop\Tor Browser
2019-06-27 15:43 - 2019-06-27 15:43 - 057221488 _____ C:\Users\Kuba\Desktop\torbrowser-install-win64-8.5.3_en-US.exe
2019-06-24 16:52 - 2019-06-24 16:59 - 000000000 ____D C:\Users\Kuba\Desktop\Mrdací Kajuška
2019-06-21 09:42 - 2019-06-21 09:42 - 000000000 ____D C:\Users\Kuba\AppData\Local\Finkit
2019-06-21 09:41 - 2019-06-21 09:41 - 020297872 _____ C:\Users\Kuba\Desktop\ManicTime.exe
2019-06-21 09:41 - 2019-06-21 09:41 - 000002107 _____ C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ManicTime.lnk
2019-06-21 09:41 - 2019-06-21 09:41 - 000000000 ____D C:\Program Files (x86)\ManicTime
2019-06-21 07:54 - 2019-07-14 12:12 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-06-16 13:45 - 2019-06-16 13:45 - 000000000 ____D C:\Users\Kuba\AppData\Local\Tempzxpsign87120e1df626d94e
2019-06-16 13:45 - 2019-06-16 13:45 - 000000000 ____D C:\Users\Kuba\AppData\Local\Tempzxpsign4ceebf506a2e321c
2019-06-16 13:44 - 2019-06-16 13:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neat Video for Premiere

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-14 13:31 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-14 13:30 - 2018-05-16 08:31 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-14 13:30 - 2018-05-15 08:25 - 000715018 _____ C:\WINDOWS\system32\perfh005.dat
2019-07-14 13:30 - 2018-05-15 08:25 - 000144332 _____ C:\WINDOWS\system32\perfc005.dat
2019-07-14 13:30 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-07-14 13:30 - 2017-11-11 19:23 - 000000000 ____D C:\FRST
2019-07-14 13:30 - 2017-05-30 07:24 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\BitTorrent
2019-07-14 13:26 - 2017-07-12 09:10 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-14 13:25 - 2017-05-10 19:03 - 000000000 ____D C:\Users\Kuba\AppData\Local\VirtualStore
2019-07-14 13:24 - 2019-05-03 09:04 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-07-14 13:24 - 2018-10-09 13:50 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-07-14 13:24 - 2018-05-16 08:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-14 13:24 - 2017-05-10 19:59 - 000000000 ____D C:\Users\Kuba\AppData\LocalLow\Mozilla
2019-07-14 13:23 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-07-14 12:32 - 2017-05-15 13:34 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\Spotify
2019-07-14 12:31 - 2018-05-16 08:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-14 12:20 - 2017-05-15 13:34 - 000000000 ____D C:\Users\Kuba\AppData\Local\Spotify
2019-07-14 11:13 - 2017-11-19 00:14 - 000000000 ____D C:\Users\Kuba\AppData\Local\Packages
2019-07-13 13:49 - 2018-05-16 08:23 - 000000000 ____D C:\Users\Kuba
2019-07-12 22:02 - 2018-10-12 10:50 - 000000600 _____ C:\Users\Kuba\AppData\Local\PUTTY.RND
2019-07-12 22:02 - 2018-10-12 10:47 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\FileZilla
2019-07-12 22:01 - 2017-11-11 12:47 - 000000000 ____D C:\Users\Kuba\AppData\Local\CrashDumps
2019-07-12 21:59 - 2018-05-16 08:26 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3906236801-542463905-1627191007-1001
2019-07-12 21:59 - 2018-05-16 08:23 - 000002403 _____ C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-12 21:59 - 2017-05-10 19:05 - 000000000 ___RD C:\Users\Kuba\OneDrive
2019-07-12 00:28 - 2017-05-12 14:51 - 000000000 ____D C:\Users\Kuba\AppData\Local\ElevatedDiagnostics
2019-07-11 21:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-07-10 14:54 - 2018-05-16 08:26 - 000004586 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-07-10 14:54 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-07-10 14:54 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-07-04 14:51 - 2017-11-11 12:47 - 000000258 __RSH C:\ProgramData\ntuser.pol
2019-07-04 14:50 - 2015-07-10 13:04 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-07-03 11:09 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-06-30 08:24 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-28 10:27 - 2017-05-20 13:46 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\audacity
2019-06-27 15:44 - 2017-06-01 15:21 - 000000952 _____ C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2019-06-24 14:37 - 2018-01-31 14:37 - 000000000 ____D C:\Users\Kuba\Desktop\Nová složka
2019-06-21 17:21 - 2017-05-10 19:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-06-21 09:31 - 2018-11-17 10:42 - 000000000 ____D C:\Program Files\rempl
2019-06-19 18:34 - 2019-02-20 15:18 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-06-19 18:34 - 2019-02-20 15:18 - 000001028 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk
2019-06-19 08:53 - 2017-05-24 17:17 - 000000000 ____D C:\Program Files\UNP
2019-06-16 13:44 - 2019-05-05 17:00 - 000000000 ____D C:\Program Files\Neat Video for Premiere
2019-06-14 09:46 - 2017-05-16 17:04 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories ================

2019-03-07 12:09 - 2019-03-07 12:09 - 000000600 _____ () C:\Users\Kuba\AppData\Roaming\PUTTY.RND
2017-05-30 11:49 - 2018-04-22 17:59 - 000001480 _____ () C:\Users\Kuba\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2019-05-12 17:11 - 2019-05-14 10:44 - 000000081 _____ () C:\Users\Kuba\AppData\Local\FILM_AE_LogFile.txt
2017-11-11 12:47 - 2017-11-11 12:47 - 000140800 _____ () C:\Users\Kuba\AppData\Local\installer.dat
2018-09-27 16:20 - 2018-09-27 16:20 - 000000000 _____ () C:\Users\Kuba\AppData\Local\oobelibMkey.log
2018-10-12 10:50 - 2019-07-12 22:02 - 000000600 _____ () C:\Users\Kuba\AppData\Local\PUTTY.RND
2018-06-06 11:49 - 2018-06-06 11:49 - 000007626 _____ () C:\Users\Kuba\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-07-2019
Ran by Kuba (14-07-2019 13:32:19)
Running from C:\Users\Kuba\Desktop
Windows 10 Home Version 1803 17134.829 (X64) (2018-05-16 06:26:28)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3906236801-542463905-1627191007-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3906236801-542463905-1627191007-503 - Limited - Disabled)
Guest (S-1-5-21-3906236801-542463905-1627191007-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3906236801-542463905-1627191007-1004 - Limited - Enabled)
Kuba (S-1-5-21-3906236801-542463905-1627191007-1001 - Administrator - Enabled) => C:\Users\Kuba
WDAGUtilityAccount (S-1-5-21-3906236801-542463905-1627191007-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe After (HKLM\...\{6A915992-D887-4897-82F5-950EDD12DEB1}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_1_1) (Version: 15.1.1 - Adobe Systems Incorporated)
Adobe Audition CC 2018 (HKLM-x32\...\AUDT_11_1_1) (Version: 11.1.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2019 (HKLM-x32\...\DRWV_19_0) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_7_4) (Version: 7.4 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2018 (HKLM-x32\...\AME_12_1_1) (Version: 12.1.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_6) (Version: 19.1.6 - Adobe Systems Incorporated)
Adobe Premiere (HKLM\...\{C1CB876C-A08E-4692-B525-42848BD154D7}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_1_1) (Version: 12.1.1 - Adobe Systems Incorporated)
Aktualizace NVIDIA 35.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 35.0.0.0 - NVIDIA Corporation) Hidden
ApowerREC V1.3.3.8 (HKLM-x32\...\{6F2998B2-21F7-4CEF-94B2-C3919D939CF9}_is1) (Version: 1.3.3.8 - Apowersoft LIMITED)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Audition (HKLM\...\{52452272-9233-4A27-AA7A-E05C2E7A61BD}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
BitTorrent (HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\BitTorrent) (Version: 7.10.5.44995 - BitTorrent Inc.)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
C4700 (HKLM-x32\...\{299FCBE4-2869-4EE0-9143-28BDC2C585AC}) (Version: 140.0.851.000 - Hewlett-Packard) Hidden
DaVinci Resolve (HKLM\...\{AFB2735E-5364-4626-BB95-B7B8275B0AD1}) (Version: 15.3.1003 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{B1782967-E600-4BBD-B2F1-AEF3F2FE0A12}) (Version: 1.2.1.0 - Blackmagic Design)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 416.16 - NVIDIA Corporation) Hidden
encoder (HKLM\...\{816B3B8A-576A-4B1E-8C18-150BB3A9DD6C}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.58.64628 - Electronic Arts)
FileZilla Client 3.37.4 (HKLM-x32\...\FileZilla Client) (Version: 3.37.4 - Tim Kosse)
Flash Memory Toolkit trial 2.01 (HKLM-x32\...\Flash Memory Toolkit trial_is1) (Version: - EFD Software)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Grand Theft Auto V (HKLM-x32\...\Grand Theft Auto V_is1) (Version: - )
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{28981D56-C55A-4972-998F-823590FD43A2}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
ImageMagick 7.0.6-0 Q16 (64-bit) (2017-06-11) (HKLM\...\ImageMagick 7.0.6 Q16 (64-bit)_is1) (Version: 7.0.6 - ImageMagick Studio LLC)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Network Connections 21.1.29.0 (HKLM\...\PROSetDX) (Version: 21.1.29.0 - Intel)
IrfanView 4.52 (64-bit) (HKLM\...\IrfanView64) (Version: 4.52 - Irfan Skiljan)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
K-Lite Mega Codec Pack 13.1.6 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.1.6 - KLCP)
Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version: - Line 6)
Magic Bullet Suite v13.0.3 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 13.0.3 - Red Giant, LLC)
ManicTime (HKLM-x32\...\{3DC65CAD-FBF2-4E89-A404-99B59145FF5C}) (Version: 4.3.4.0 - Finkit d.o.o.)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 67.0.4 (x64 cs) (HKLM\...\Mozilla Firefox 67.0.4 (x64 cs)) (Version: 67.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: - Native Instruments)
Native Instruments Guitar Rig Session I/O (HKLM-x32\...\Native Instruments Guitar Rig Session I/O) (Version: - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments)
Neat Video for Premiere (HKLM\...\Neat Video for Premiere_is1) (Version: 3.5 - ABSoft)
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.306.000 - Hewlett-Packard) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.13 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.17.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.17.0.126 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 416.16 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.37.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.5 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 416.16 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 416.16 - NVIDIA Corporation) Hidden
Perfect Uninstaller v6.3.4.0 (HKLM\...\Perfect Uninstaller_is1) (Version: - www.PerfectUninstaller.com)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.0 - Power Software Ltd)
PS_AIO_06_C4700_SW_Min (HKLM-x32\...\{C31578B7-B86A-419F-96AC-C85458764B22}) (Version: 140.0.863.000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
QuickTransfer (HKLM-x32\...\{E517094C-06B6-419F-8FFD-EF4F57972130}) (Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7917 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Ripple Desktop Wallet (HKLM\...\{47FAE72F-1C26-43EE-BFB0-9B54A5BA387F}) (Version: 1.4.1 - Rippex)
Ruske / Ukrajinske foneticke klavesnice pro WIN 2000/XP 1.3 (HKLM\...\Ruska / Ukrajinska foneticka klavesnice_is1) (Version: 1.5 - )
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft)
Skype verze 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\Spotify) (Version: 1.1.10.540.gfcf0430f - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.3.4730 - TeamViewer)
Telegram Desktop version 1.4.3 (HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.4.3 - Telegram Messenger LLP)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update for Skype for Business 2015 (KB4464593) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5BDCA2BB-3BAD-4461-A3A7-35B526AC2039}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4464593) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5BDCA2BB-3BAD-4461-A3A7-35B526AC2039}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4464593) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{5BDCA2BB-3BAD-4461-A3A7-35B526AC2039}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4464593) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{5BDCA2BB-3BAD-4461-A3A7-35B526AC2039}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
VueScan x64 (HKLM\...\VueScan x64) (Version: - Hamrick Software)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Youtube Downloader HD v. 2.9.9.30 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)

Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.575.0_x64__v10z8vjag6ke6 [2019-06-28] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Průvodce pro telefon -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-14] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-16] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11723.0_x64__8wekyb3d8bbwe [2019-06-27] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3906236801-542463905-1627191007-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-B7D7B2F7532E} -> [Creative Cloud Files] => C:\Users\Kuba\Creative Cloud Files [2018-05-28 17:25]
CustomCLSID: HKU\S-1-5-21-3906236801-542463905-1627191007-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellExecuteHooks: No Name - {5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} - -> No File
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd) [File not signed]
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [Uninstall] -> {84058084-7609-44D1-B3CC-7A9436CB6D92} => C:\Program Files\Perfect Uninstaller\Contextmenu.dll [2011-11-02] (Guangxi Nanning Qiwang Co. Ltd. -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4-x32: [Uninstall] -> {84058084-7609-44D1-B3CC-7A9436CB6D92} => C:\Program Files\Perfect Uninstaller\Contextmenu.dll [2011-11-02] (Guangxi Nanning Qiwang Co. Ltd. -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd) [File not signed]
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-06-21 11:21 - 2019-06-21 11:21 - 000365568 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Interop.UIAeaff150a#\05ee64ff017c59d981bbdfa943c88605\Interop.UIAutomationClient.ni.dll
2019-03-11 14:32 - 2019-03-11 14:32 - 001316864 _____ () [File not signed] C:\Program Files (x86)\ManicTime\x64\sqlcipher.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 001561600 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Finkit.Mani1352a8e6#\43dc052eaf5252f3ff0a096dda551a5c\Finkit.ManicTime.Shared.XmlSerializers.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 000947712 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Irony\79f3855dae59dc23cabcf777e10d6153\Irony.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 013598720 _____ (.NET Foundation and Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Reactive\b48dd5210ae76cef58c9c3c28152e21d\System.Reactive.ni.dll
2017-06-05 18:31 - 2009-04-16 14:08 - 000248320 _____ (Access Denied) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\hpfpp70v.dll
2019-06-21 11:20 - 2019-06-21 11:20 - 001127424 _____ (Autofac) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Autofac\7acc613af3f4efa5dce24dbec9b323ae\Autofac.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 000163328 _____ (Dominick Baier;Brock Allen) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\IdentityMod705487aa#\a54ad7d542d428c677c8459f9db6143b\IdentityModel.OidcClient.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 002885120 _____ (Finkit d.o.o.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Finkit.Mani24616bc2#\4f06e799190c3e265d086f0980773e1b\Finkit.ManicTime.Common.ni.dll
2019-06-21 11:22 - 2019-06-21 11:22 - 001243136 _____ (Finkit d.o.o.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Finkit.Manic26b69e3#\d31e942853e092efe6ed4f7eb0525261\Finkit.ManicTime.Common.O.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 004182016 _____ (Finkit d.o.o.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Finkit.Manie9c9b897#\513a1eeea6c1df555d242ed448ac3371\Finkit.ManicTime.Tracker.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 001603072 _____ (Finkit d.o.o.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ManicTime.Cc04b5347#\c32fa773e545d048aa32333148626d21\ManicTime.Client.Tracker.Win.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 000065536 _____ (Finkit d.o.o.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ManicTime\051610c71fa164c0756ffdb7a95fbfd9\ManicTime.ni.exe
2019-06-21 11:21 - 2019-06-21 11:21 - 003743744 _____ (Finkit.ManicTime.Shared) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Finkit.Mani497a5306#\15608c329173e146bea916133407007d\Finkit.ManicTime.Shared.ni.dll
2011-04-29 19:08 - 2011-04-29 19:08 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2011-08-18 01:29 - 2011-08-18 01:29 - 001039360 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2016-08-24 16:54 - 2016-08-24 16:54 - 000352256 _____ (Intel(R) Corporation) [File not signed] C:\Windows\system32\NCS2Setp.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 001926144 _____ (ManicTime.Client) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ManicTime.Client\6f00d781eae1748734821c8b129ca3ee\ManicTime.Client.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 001376256 _____ (ManicTime.Client.Storage) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ManicTime.C043ae9f8#\7e8e2fdddd5469ccc6ed5219f3cf13fd\ManicTime.Client.Storage.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 001641984 _____ (ManicTime.Client.Tracker) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ManicTime.C107cfc19#\92e6bea85732ccba24a2eea68a76e70f\ManicTime.Client.Tracker.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 000761856 _____ (ManicTime.Client.Tracker.Storage) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ManicTime.C03e9988e#\1708519c56e3bd31e5d24c4bd66318d9\ManicTime.Client.Tracker.Storage.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 003833856 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\5a34fd43a5cc89566b6020a0e2286af8\Newtonsoft.Json.ni.dll
2017-10-24 04:39 - 2017-10-24 04:39 - 000441856 _____ (Power Software Ltd) [File not signed] C:\Program Files\PowerISO\PWRISOVM.EXE
2019-06-21 11:21 - 2019-06-21 11:21 - 011467776 _____ (Shared.Storage) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Shared.Storage\5dbfb47794c83050bc868d678d554896\Shared.Storage.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 001114112 _____ (Xamarin Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SkiaSharp\c608b4dbf18b75f999a81f7a7763aa8a\SkiaSharp.ni.dll
2019-06-21 11:22 - 2019-06-21 11:22 - 000233472 _____ (Zumero, LLC) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SQLitePCLRa3789e0c2#\62fa7b0c40f0d349de34cac4e4db1af4\SQLitePCLRaw.provider.sqlcipher.ni.dll
2019-06-21 11:22 - 2019-06-21 11:22 - 000011264 _____ (Zumero, LLC) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SQLitePCLRaf488fa76#\d7d8a8c3ad012e0c990347af91a2cca2\SQLitePCLRaw.batteries_v2.ni.dll
2019-06-21 11:22 - 2019-06-21 11:22 - 000193024 _____ (Zumero, LLC) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SQLitePCLRaw.core\80c6cce0b8ea581d067b2ef71b11ca51\SQLitePCLRaw.core.ni.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:8927A071 [382]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2015-07-10 13:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ImageMagick-7.0.6-Q16;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-3906236801-542463905-1627191007-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 45.86.180.227 - 185.162.93.213
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{F5AB4BA7-09E2-4A75-B59D-02C7A765F27A}C:\users\kuba\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\kuba\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{A6047765-F3C0-4E17-B009-7DD79F225F4A}C:\users\kuba\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\kuba\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{50BFE750-DE0C-4E4D-9AD0-35FA2D62C01B}C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe (Adobe Systems Incorporated -> Adobe)
FirewallRules: [UDP Query User{3C62EA47-52CC-47E7-B9C4-DC3131BDA508}C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe (Adobe Systems Incorporated -> Adobe)
FirewallRules: [TCP Query User{D3707361-6BA4-49F0-B6C0-F19F88808E19}C:\users\kuba\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kuba\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{AF334917-2A36-4A17-8155-0949EA3411B7}C:\users\kuba\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kuba\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{ED1C42E8-47BE-4568-A745-6DE5131FB8BC}C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe] => (Block) C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe (Adobe Systems Incorporated -> Adobe)
FirewallRules: [UDP Query User{6F7E01E2-3698-4669-A4E2-9DB8A8446AEB}C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe] => (Block) C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe (Adobe Systems Incorporated -> Adobe)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

21-06-2019 09:30:48 Windows Update
30-06-2019 12:23:54 Scheduled Checkpoint
04-07-2019 15:20:37 Removed SafeMyWeb
12-07-2019 00:51:36 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/14/2019 01:25:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.

Error: (07/14/2019 01:24:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.

Error: (07/14/2019 01:24:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.

Error: (07/14/2019 01:15:34 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.

Error: (07/14/2019 11:47:58 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.

Error: (07/14/2019 11:47:57 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.

Error: (07/14/2019 11:08:13 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.

Error: (07/14/2019 11:08:12 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.


System errors:
=============
Error: (07/14/2019 01:26:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (07/14/2019 01:26:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby gupdate bylo dosaženo časového limitu (30000 ms).

Error: (07/14/2019 01:24:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\NETWORK SERVICE (SID: S-1-5-20) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/14/2019 01:24:01 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT AUTHORITY)
Description: Služba protokolování událostí zjistila při inicializaci publikačních prostředků chybu v kanálu Microsoft-RMS-MSIPC/Debug. V případě analytického nebo ladicího typu kanálu to může znamenat, že došlo také k chybě při inicializaci přihlašovacích prostředků.

Error: (07/14/2019 01:24:01 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT AUTHORITY)
Description: Služba protokolování událostí zjistila při inicializaci publikačních prostředků chybu v kanálu DebugChannel. V případě analytického nebo ladicího typu kanálu to může znamenat, že došlo také k chybě při inicializaci přihlašovacích prostředků.

Error: (07/14/2019 01:23:32 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-55V176A)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/14/2019 01:23:32 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-55V176A)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/14/2019 01:23:32 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-55V176A)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2019-07-14 13:04:20.691
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {905044F8-B922-4B86-8D6B-2C125F90DB2C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-55V176A\Kuba

Date: 2019-07-05 00:45:46.638
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {315E8E5A-B1A1-4BC0-B3B6-FA1A11F29F90}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-07-04 15:24:31.796
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: High
Kategorie: Tool
Cesta: containerfile:_D:\Stažené soubory\Guitar Pro 6.0.9 + Newest Soundtracks.rar; file:_D:\Stažené soubory\Guitar Pro 6.0.9 + Newest Soundtracks.rar->Guitar Pro 6.0.9\Step 2 - Keygen\Keygen.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Uživatel
Uživatel: DESKTOP-55V176A\Kuba
Název procesu: Unknown
Verze podpisu: AV: 1.297.421.0, AS: 1.297.421.0, NIS: 1.297.421.0
Verze modulu: AM: 1.1.16100.4, NIS: 1.1.16100.4

Date: 2019-07-04 15:23:13.225
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {AF3B60D2-1E5A-4702-B301-5BF1BEC89C12}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: DESKTOP-55V176A\Kuba

Date: 2019-07-04 15:23:13.225
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: High
Kategorie: Tool
Cesta: file:_D:\Stažené soubory\Guitar Pro 6.0.9 + Newest Soundtracks.rar->Guitar Pro 6.0.9\Step 2 - Keygen\Keygen.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Uživatel
Uživatel: DESKTOP-55V176A\Kuba
Název procesu: Unknown
Verze podpisu: AV: 1.297.353.0, AS: 1.297.353.0, NIS: 1.297.353.0
Verze modulu: AM: 1.1.16100.4, NIS: 1.1.16100.4

Date: 2019-07-14 13:27:19.334
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.421.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80072ee7
Popis chyby :The server name or address could not be resolved

Date: 2019-07-14 13:27:19.334
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.421.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80072ee7
Popis chyby :The server name or address could not be resolved

Date: 2019-07-14 13:27:19.334
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.421.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80072ee7
Popis chyby :The server name or address could not be resolved

Date: 2019-07-14 13:27:19.330
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.421.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80072ee7
Popis chyby :The server name or address could not be resolved

Date: 2019-07-14 13:27:19.329
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.421.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80072ee7
Popis chyby :The server name or address could not be resolved

CodeIntegrity:
===================================

Date: 2019-07-14 13:24:01.003
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.

Date: 2019-07-14 11:47:50.775
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.

Date: 2019-07-14 11:08:07.608
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.

Date: 2019-07-11 21:04:06.923
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.

Date: 2019-07-11 20:57:42.635
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.

Date: 2019-07-10 14:51:27.120
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.

Date: 2019-07-04 15:56:54.247
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.

Date: 2019-07-04 14:57:03.752
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. P1.10 11/14/2016
Motherboard: ASRock Z270M Pro4
Processor: Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
Percentage of memory in use: 17%
Total physical RAM: 32732.52 MB
Available physical RAM: 26844.24 MB
Total Virtual: 37596.52 MB
Available Virtual: 29148.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.92 GB) (Free:86.53 GB) NTFS
Drive d: () (Fixed) (Total:931.5 GB) (Free:194.43 GB) NTFS

\\?\Volume{5670ee53-7474-4e3f-b72d-70bb7fb6bd39}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{ffac9eed-4bc7-4652-963a-64d5ea51b640}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Sounds in Russian in Mozilla, instead of the normal cursor an icon of a p

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just start it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

asanakis
Visitor
Posts: 15
Registered: 11 Oct 2013 19:06

#3 Post by asanakis »

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-03.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-14-2019
# Duration: 00:00:12
# OS: Windows 10 Home
# Scanned: 27198
# Detected: 24


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Adware.ChinAd C:\ProgramData\CupCheck
Adware.ChinAd C:\ProgramData\LCFApp
PUP.Optional.Seznam.cz C:\Program Files (x86)\Seznam.cz
PUP.Optional.Seznam.cz C:\Users\Kuba\AppData\Roaming\Seznam.cz
PUP.Optional.UCBrowser C:\Users\Kuba\AppData\Local\UCBrowser
Trojan.Agent C:\Program Files (x86)\Textify Company

***** [ Files ] *****

PUP.Optional.Legacy C:\Users\Kuba\Favorites\?????? ? ?????????.url
PUP.Optional.Mail.Ru C:\Users\Kuba\Favorites\Mail.Ru.url

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

Adware.NeoBar HKLM\Software\Wow6432Node\\Classes\CLSID\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}
PUP.Optional.HexaDesk HKCU\Software\HexaDesK
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ak.staticimgfarm.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\DOMStorage\hp.myway.com
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AE298D-7E8A-4F53-BE55-15D2B065F6C0}
PUP.Optional.Mail.Ru HKCU\Software\Google\Chrome\NativeMessagingHosts\ru.mail.go.ext_info_host
PUP.Optional.Mail.Ru HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
PUP.Optional.Mail.Ru HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
PUP.Optional.Mail.Ru HKCU\Software\Mozilla\NativeMessagingHosts\ru.mail.go.ext_info_host
PUP.Optional.Mail.Ru HKLM\Software\Classes\IESearchPlugin.MailRuBHO
PUP.Optional.Microleaves HKU\.DEFAULT\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
PUP.Optional.Microleaves HKU\S-1-5-18\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
PUP.Optional.ProductSetup.A HKCU\Software\PRODUCTSETUP
PUP.Optional.Seznam.cz HKCU\Software\Seznam.cz

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Mail.Ru ???????? ???????? ? ????? ?? Mail.Ru
PUP.Optional.Mail.Ru ?????

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

#4 Post by Rudy »

Post new FRST + Addition logs.

asanakis
Visitor
Posts: 15
Registered: 11 Oct 2013 19:06

Re: Sounds in Russian in Mozilla, instead of the normal cursor an icon

#5 Post by asanakis »

Sorry, earlier I forgot to have the threats removed... so here is the new log after removal, and I will also send the others:

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-03.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-14-2019
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 22
# Failed: 2


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Program Files (x86)\Textify Company
Deleted C:\ProgramData\CupCheck
Deleted C:\ProgramData\LCFApp
Deleted C:\Users\Kuba\AppData\Local\UCBrowser
Deleted C:\Users\Kuba\AppData\Roaming\Seznam.cz

***** [ Files ] *****

Deleted C:\Users\Kuba\Favorites\Mail.Ru.url
Deleted C:\Users\Kuba\Favorites\?????? ? ?????????.url

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Google\Chrome\NativeMessagingHosts\ru.mail.go.ext_info_host
Deleted HKCU\Software\HexaDesK
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ak.staticimgfarm.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\hp.myway.com
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\ru.mail.go.ext_info_host
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Classes\IESearchPlugin.MailRuBHO
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AE298D-7E8A-4F53-BE55-15D2B065F6C0}
Deleted HKU\.DEFAULT\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
Deleted HKU\S-1-5-18\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}

***** [ Chromium (and derivatives) ] *****

Not Deleted ???????? ???????? ? ????? ?? Mail.Ru
Not Deleted ?????

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3161 octets] - [14/07/2019 18:00:53]
AdwCleaner[S01].txt - [3222 octets] - [14/07/2019 18:07:57]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

asanakis
Visitor
Posts: 15
Registered: 11 Oct 2013 19:06

Re: Sounds in Russian in Mozilla, instead of the normal cursor an icon

#6 Post by asanakis »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-07-2019
Ran by Kuba (administrator) on DESKTOP-55V176A (14-07-2019 18:10:10)
Running from C:\Users\Kuba\Desktop
Loaded Profiles: Kuba (Available Profiles: Kuba)
Platform: Windows 10 Home Version 1803 17134.829 (X64) Language: Angličtina (Spojené státy)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Finkit d.o.o. -> Finkit d.o.o.) C:\Program Files (x86)\ManicTime\ManicTime.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel(R) Network Platform Group -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Power Software Ltd) [File not signed] C:\Program Files\PowerISO\PWRISOVM.EXE
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16697352 2016-08-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [441856 2017-10-24] (Power Software Ltd) [File not signed]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\Run: [ManicTimeC34F57B2DA6E6758] => C:\Program Files (x86)\ManicTime\ManicTime.exe [63672 2019-06-17] (Finkit d.o.o. -> Finkit d.o.o.)
HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\MountPoints2: E - "E:\OriginSetup.exe"
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3642880 2016-05-08] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [309248 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3613696 2016-05-08] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\SysWOW64\xvidvfw.dll [282112 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2017-06-05]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1782044C-C742-4E1A-BC3F-DB3A132D6600} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {238DD95B-8D45-49EA-AD2E-BBA9A1F29FB3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {284BFDD5-7FA5-497C-9C97-4C5CDDB3A6FB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [702856 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3516C0D6-EEFD-4406-B42E-54949B379BE8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {5104CD04-F9D4-4F57-9B6B-AE8EC0728068} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-07] (Google Inc -> Google Inc.)
Task: {56EFE5B7-5C4A-4403-AF42-6304B13978D3} - System32\Tasks\JSpPUlYEOjGQEpF => rundll32 "C:\Program Files (x86)\rZdaClXBU\LsmDMy.dll",#1
Task: {57560BA3-C38A-4A1B-80C8-814D2BF58599} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-10] (Adobe Inc. -> Adobe)
Task: {67DA840C-4267-4FC8-B936-74E5F36E6686} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {6AA1EDCB-2767-4884-A595-B32A0D9033CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-07] (Google Inc -> Google Inc.)
Task: {6B202AE3-8316-4BEC-989B-E2C0B834802A} - System32\Tasks\Sk213Pl => C:\Users\Kuba\AppData\Roaming\prunld2619\he66988.exe [1387878 2019-07-04] ( ) [File not signed]
Task: {71CC0078-71F7-4DCF-AA10-20C7F7FE8D26} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {88405D1B-7C37-4D6E-A748-BF5F1F922196} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3724680 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {891E48C2-31EB-414E-A51D-B7E1797D0E06} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9795EE8A-72D7-496A-AA15-6A845C99638F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [572808 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9F7D1304-DBD5-4CA1-9690-C82FDE79763F} - System32\Tasks\{6BE2D576-CC33-4325-8D05-A810F469BAA3} => "c:\program files\mozilla firefox\firefox.exe" hxxps://www.skype.com/go/downloading?source=lig ... rror=12002
Task: {B63C38CE-60D1-493F-9E88-5F38DC45E094} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BBE30F16-7E68-43F8-9A03-29592B2D1407} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-55V176A-Kuba => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {BCED478B-29F2-4E77-9EF3-17BE4A6F9DB8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BF4AC2EB-77F6-40A6-97B7-26047A88705A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C168FFF2-9E7C-4F56-B144-CFA6782DADDE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {CD4A2399-557C-4346-A1A3-F73873CCC639} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-10] (Adobe Inc. -> Adobe)
Task: {D1DD627A-8E88-4FFF-AC36-5F4E769953A3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D32E4CC6-ED29-452F-BF57-03BCB2B621E3} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D392619F-7F16-4550-B45B-2F85ACA4BD32} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E25A968A-A18C-4F93-A271-636EBE002897} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3629324-793B-43ED-8117-D132778E0EE8} - System32\Tasks\{0046C361-ECFF-4833-98B5-885FE9C45E90} => "c:\program files\mozilla firefox\firefox.exe" hxxps://www.skype.com/go/downloading?source=lig ... tError=404

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{5f3f0318-8a6f-416f-af53-f72ca4578cfb}: [NameServer] 45.86.180.227,185.162.93.213,185.4.65.4,116.203.6.218,185.130.104.222,185.4.64.13
Tcpip\..\Interfaces\{5f3f0318-8a6f-416f-af53-f72ca4578cfb}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3906236801-542463905-1627191007-1001 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-20] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/CZ/Core/Player/2020PlayerAX_IKEA_Win32.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2018-03-14] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: d8q5u490.default
FF ProfilePath: C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\d8q5u490.default [2019-07-14]
FF user.js: detected! => C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\d8q5u490.default\user.js [2019-07-10]
FF NewTabOverride: Mozilla\Firefox\Profiles\d8q5u490.default -> Enabled: {a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
FF Extension: (Google Translator for Firefox) - C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\d8q5u490.default\Extensions\translator@zoli.bod.xpi [2018-12-03]
FF Extension: (Mozilla Official) - C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\d8q5u490.default\Extensions\{14553439-2741-4e9d-b474-784f336f58c9} [2019-07-04] [not signed]
FF Extension: (No Name) - C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\d8q5u490.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-20]
FF Extension: (No Name) - C:\Program Files\Mozilla Firefox\browser\features\{E55C9A17-39B3-4F0A-9546-2E85FE620BE8}.xpi [2019-07-04] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-10] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-10] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR HomePage: Default -> inline.go.mail.ru
CHR StartupUrls: Default -> "hxxps://mail.ru/cnt/10445?gp=811610"
CHR NewTab: Default -> Active:"chrome-extension://beliehdniadoecbonbhlcgbdldccfigp/visual-bookmarks.html"
CHR DefaultSearchURL: Default -> hxxps://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B0CFACCC3-E582-425E-A0F2-21CE0194C35F%7D&gp=811610
CHR DefaultSearchKeyword: Default -> go.mail.ru
CHR DefaultSuggestURL: Default -> hxxps://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Profile: C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default [2019-07-04]
CHR Extension: (Prezentace) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-06]
CHR Extension: (Dokumenty) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-06]
CHR Extension: (Disk Google) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-06]
CHR Extension: (Пульс) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\beliehdniadoecbonbhlcgbdldccfigp [2019-07-04]
CHR Extension: (YouTube) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-06]
CHR Extension: (Adobe Acrobat) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-01-06]
CHR Extension: (Tabulky) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-06]
CHR Extension: (Adblocker pro Youtube™) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffpfiaecfobeadhikddakkmaapliokib [2019-07-04] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Dokumenty Google offline) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-01]
CHR Extension: (Mail.Ru) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\iepoegkaoeljnbhagabakjodgpfniimo [2019-07-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-21]
CHR Extension: (Gmail) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-06]
CHR Extension: (Chrome Media Router) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-01]
CHR HKLM-x32\...\Chrome\Extension: [beliehdniadoecbonbhlcgbdldccfigp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iepoegkaoeljnbhagabakjodgpfniimo] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11814232 2019-06-05] (TeamViewer GmbH -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\NisSrv.exe [2433136 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe [109896 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsrAppCharger; C:\WINDOWS\system32\DRIVERS\AsrAppCharger.sys [17192 2011-11-07] (ASROCK Incorporation -> Windows (R) Win 7 DDK provider)
R3 L6TPortA; C:\WINDOWS\System32\Drivers\L6TPortA64.sys [777728 2015-08-21] (Line 6 -> Line 6)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_54bd1f10ac116cd5\nvlddmkm.sys [20605496 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-01-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [452008 2019-04-07] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [337632 2019-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-06-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-14 18:00 - 2019-07-14 18:00 - 007025360 _____ (Malwarebytes) C:\Users\Kuba\Desktop\AdwCleaner.exe
2019-07-14 17:58 - 2019-07-14 17:58 - 000000000 ____D C:\Users\Kuba\AppData\LocalLow\BitTorrent
2019-07-14 13:32 - 2019-07-14 18:07 - 000036384 _____ C:\Users\Kuba\Desktop\Addition.txt
2019-07-14 13:30 - 2019-07-14 18:11 - 000028144 _____ C:\Users\Kuba\Desktop\FRST.txt
2019-07-14 13:29 - 2019-07-14 13:29 - 002095104 _____ (Farbar) C:\Users\Kuba\Desktop\FRST64.exe
2019-07-14 13:25 - 2019-07-14 13:25 - 000388608 _____ (Trend Micro Inc.) C:\Users\Kuba\Desktop\hijackthis.exe
2019-07-14 13:15 - 2019-07-14 13:15 - 004260984 _____ (ESET) C:\Users\Kuba\Desktop\A431714_eset_nod32_antivirus_live_installer.exe
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\Users\Kuba\AppData\Local\Tempzxpsign8159335585e1f507
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\Users\Kuba\AppData\Local\Tempzxpsign0234540b49d298ce
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\Program Files\Red Giant
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\Program Files\Common Files\OFX
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\Program Files (x86)\Red Giant
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\Program Files (x86)\LooksBuilder
2019-07-04 15:15 - 2017-01-30 10:10 - 064336384 _____ (Red Giant LLC) C:\WINDOWS\system32\MBLooks4UI_x64.dll
2019-07-04 15:15 - 2016-12-01 15:43 - 014733824 _____ C:\WINDOWS\system32\UniChooser.dll
2019-07-04 15:15 - 2016-12-01 15:43 - 013148672 _____ (Red Giant Software) C:\WINDOWS\system32\Gpu_Shader_Engine_x64.dll
2019-07-04 15:15 - 2016-12-01 15:43 - 005528064 _____ (Noesis Technologies) C:\WINDOWS\system32\Noesis.dll
2019-07-04 14:51 - 2019-07-04 14:55 - 000000000 ____D C:\Program Files (x86)\MachinerData
2019-07-04 14:51 - 2019-07-04 14:51 - 000003278 _____ C:\WINDOWS\System32\Tasks\Sk213Pl
2019-07-04 14:51 - 2019-07-04 14:51 - 000002638 _____ C:\WINDOWS\System32\Tasks\JSpPUlYEOjGQEpF
2019-07-04 14:51 - 2019-07-04 14:51 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\prunld2619
2019-07-04 14:50 - 2019-07-04 15:02 - 000000000 ____D C:\Users\Kuba\AppData\Local\Mail.Ru
2019-07-04 14:50 - 2019-07-04 14:50 - 000000000 ____D C:\ProgramData\Mail.Ru
2019-07-04 14:48 - 2019-07-04 15:12 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2019-07-04 14:48 - 2019-07-04 14:48 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\WarThunder
2019-07-04 14:31 - 2019-07-04 14:31 - 000000000 ____D C:\Users\Kuba\AppData\Local\Tempzxpsignfb0572792069154b
2019-07-04 14:31 - 2019-07-04 14:31 - 000000000 ____D C:\Users\Kuba\AppData\Local\Tempzxpsignd687d5b42e9a3f5f
2019-06-29 16:48 - 2019-06-29 16:48 - 000000000 ____D C:\Users\Kuba\Desktop\InfranPlugin
2019-06-27 15:58 - 2019-06-27 15:58 - 000000133 _____ C:\Users\Kuba\Desktop\dr.m.txt
2019-06-27 15:44 - 2019-06-27 15:44 - 000000904 _____ C:\Users\Kuba\Desktop\Start Tor Browser.lnk
2019-06-27 15:43 - 2019-06-27 15:44 - 000000000 ____D C:\Users\Kuba\Desktop\Tor Browser
2019-06-27 15:43 - 2019-06-27 15:43 - 057221488 _____ C:\Users\Kuba\Desktop\torbrowser-install-win64-8.5.3_en-US.exe
2019-06-24 16:52 - 2019-06-24 16:59 - 000000000 ____D C:\Users\Kuba\Desktop\Mrdací Kajuška
2019-06-21 09:42 - 2019-06-21 09:42 - 000000000 ____D C:\Users\Kuba\AppData\Local\Finkit
2019-06-21 09:41 - 2019-06-21 09:41 - 020297872 _____ C:\Users\Kuba\Desktop\ManicTime.exe
2019-06-21 09:41 - 2019-06-21 09:41 - 000002107 _____ C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ManicTime.lnk
2019-06-21 09:41 - 2019-06-21 09:41 - 000000000 ____D C:\Program Files (x86)\ManicTime
2019-06-21 07:54 - 2019-07-14 12:12 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-06-16 13:45 - 2019-06-16 13:45 - 000000000 ____D C:\Users\Kuba\AppData\Local\Tempzxpsign87120e1df626d94e
2019-06-16 13:45 - 2019-06-16 13:45 - 000000000 ____D C:\Users\Kuba\AppData\Local\Tempzxpsign4ceebf506a2e321c
2019-06-16 13:44 - 2019-06-16 13:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neat Video for Premiere

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-14 18:10 - 2017-07-12 09:10 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-14 18:09 - 2017-05-10 19:59 - 000000000 ____D C:\Users\Kuba\AppData\LocalLow\Mozilla
2019-07-14 18:08 - 2019-05-03 09:04 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-07-14 18:08 - 2018-10-09 13:50 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-07-14 18:08 - 2018-05-16 08:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-14 18:08 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-14 18:08 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-07-14 18:06 - 2017-05-30 07:24 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\BitTorrent
2019-07-14 18:05 - 2017-11-11 19:23 - 000000000 ____D C:\FRST
2019-07-14 18:04 - 2018-05-16 08:31 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-14 18:04 - 2018-05-15 08:25 - 000715018 _____ C:\WINDOWS\system32\perfh005.dat
2019-07-14 18:04 - 2018-05-15 08:25 - 000144332 _____ C:\WINDOWS\system32\perfc005.dat
2019-07-14 18:04 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-07-14 18:00 - 2017-11-11 17:29 - 000000000 ____D C:\AdwCleaner
2019-07-14 17:59 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-07-14 17:58 - 2018-05-16 08:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-14 13:25 - 2017-05-10 19:03 - 000000000 ____D C:\Users\Kuba\AppData\Local\VirtualStore
2019-07-14 13:16 - 2017-05-15 13:34 - 000000000 ____D C:\Users\Kuba\AppData\Local\Spotify
2019-07-14 12:32 - 2017-05-15 13:34 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\Spotify
2019-07-14 11:13 - 2017-11-19 00:14 - 000000000 ____D C:\Users\Kuba\AppData\Local\Packages
2019-07-13 13:49 - 2018-05-16 08:23 - 000000000 ____D C:\Users\Kuba
2019-07-12 22:02 - 2018-10-12 10:50 - 000000600 _____ C:\Users\Kuba\AppData\Local\PUTTY.RND
2019-07-12 22:02 - 2018-10-12 10:47 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\FileZilla
2019-07-12 22:01 - 2017-11-11 12:47 - 000000000 ____D C:\Users\Kuba\AppData\Local\CrashDumps
2019-07-12 21:59 - 2018-05-16 08:26 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3906236801-542463905-1627191007-1001
2019-07-12 21:59 - 2018-05-16 08:23 - 000002403 _____ C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-12 21:59 - 2017-05-10 19:05 - 000000000 ___RD C:\Users\Kuba\OneDrive
2019-07-12 00:28 - 2017-05-12 14:51 - 000000000 ____D C:\Users\Kuba\AppData\Local\ElevatedDiagnostics
2019-07-10 14:54 - 2018-05-16 08:26 - 000004586 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-07-10 14:54 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-07-10 14:54 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-07-04 14:51 - 2017-11-11 12:47 - 000000258 __RSH C:\ProgramData\ntuser.pol
2019-07-04 14:50 - 2015-07-10 13:04 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-07-03 11:09 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-06-30 08:24 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-28 10:27 - 2017-05-20 13:46 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\audacity
2019-06-27 15:44 - 2017-06-01 15:21 - 000000952 _____ C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2019-06-24 14:37 - 2018-01-31 14:37 - 000000000 ____D C:\Users\Kuba\Desktop\Nová složka
2019-06-21 17:21 - 2017-05-10 19:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-06-21 09:31 - 2018-11-17 10:42 - 000000000 ____D C:\Program Files\rempl
2019-06-19 18:34 - 2019-02-20 15:18 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-06-19 18:34 - 2019-02-20 15:18 - 000001028 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk
2019-06-19 08:53 - 2017-05-24 17:17 - 000000000 ____D C:\Program Files\UNP
2019-06-16 13:44 - 2019-05-05 17:00 - 000000000 ____D C:\Program Files\Neat Video for Premiere
2019-06-14 09:46 - 2017-05-16 17:04 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories ================

2019-03-07 12:09 - 2019-03-07 12:09 - 000000600 _____ () C:\Users\Kuba\AppData\Roaming\PUTTY.RND
2017-05-30 11:49 - 2018-04-22 17:59 - 000001480 _____ () C:\Users\Kuba\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2019-05-12 17:11 - 2019-05-14 10:44 - 000000081 _____ () C:\Users\Kuba\AppData\Local\FILM_AE_LogFile.txt
2017-11-11 12:47 - 2017-11-11 12:47 - 000140800 _____ () C:\Users\Kuba\AppData\Local\installer.dat
2018-09-27 16:20 - 2018-09-27 16:20 - 000000000 _____ () C:\Users\Kuba\AppData\Local\oobelibMkey.log
2018-10-12 10:50 - 2019-07-12 22:02 - 000000600 _____ () C:\Users\Kuba\AppData\Local\PUTTY.RND
2018-06-06 11:49 - 2018-06-06 11:49 - 000007626 _____ () C:\Users\Kuba\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-07-2019
Ran by Kuba (14-07-2019 18:11:48)
Running from C:\Users\Kuba\Desktop
Windows 10 Home Version 1803 17134.829 (X64) (2018-05-16 06:26:28)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3906236801-542463905-1627191007-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3906236801-542463905-1627191007-503 - Limited - Disabled)
Guest (S-1-5-21-3906236801-542463905-1627191007-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3906236801-542463905-1627191007-1004 - Limited - Enabled)
Kuba (S-1-5-21-3906236801-542463905-1627191007-1001 - Administrator - Enabled) => C:\Users\Kuba
WDAGUtilityAccount (S-1-5-21-3906236801-542463905-1627191007-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe After (HKLM\...\{6A915992-D887-4897-82F5-950EDD12DEB1}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_1_1) (Version: 15.1.1 - Adobe Systems Incorporated)
Adobe Audition CC 2018 (HKLM-x32\...\AUDT_11_1_1) (Version: 11.1.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2019 (HKLM-x32\...\DRWV_19_0) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_7_4) (Version: 7.4 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2018 (HKLM-x32\...\AME_12_1_1) (Version: 12.1.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_6) (Version: 19.1.6 - Adobe Systems Incorporated)
Adobe Premiere (HKLM\...\{C1CB876C-A08E-4692-B525-42848BD154D7}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_1_1) (Version: 12.1.1 - Adobe Systems Incorporated)
Aktualizace NVIDIA 35.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 35.0.0.0 - NVIDIA Corporation) Hidden
ApowerREC V1.3.3.8 (HKLM-x32\...\{6F2998B2-21F7-4CEF-94B2-C3919D939CF9}_is1) (Version: 1.3.3.8 - Apowersoft LIMITED)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Audition (HKLM\...\{52452272-9233-4A27-AA7A-E05C2E7A61BD}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
BitTorrent (HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\BitTorrent) (Version: 7.10.5.44995 - BitTorrent Inc.)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
C4700 (HKLM-x32\...\{299FCBE4-2869-4EE0-9143-28BDC2C585AC}) (Version: 140.0.851.000 - Hewlett-Packard) Hidden
DaVinci Resolve (HKLM\...\{AFB2735E-5364-4626-BB95-B7B8275B0AD1}) (Version: 15.3.1003 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{B1782967-E600-4BBD-B2F1-AEF3F2FE0A12}) (Version: 1.2.1.0 - Blackmagic Design)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 416.16 - NVIDIA Corporation) Hidden
encoder (HKLM\...\{816B3B8A-576A-4B1E-8C18-150BB3A9DD6C}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.58.64628 - Electronic Arts)
FileZilla Client 3.37.4 (HKLM-x32\...\FileZilla Client) (Version: 3.37.4 - Tim Kosse)
Flash Memory Toolkit trial 2.01 (HKLM-x32\...\Flash Memory Toolkit trial_is1) (Version: - EFD Software)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Grand Theft Auto V (HKLM-x32\...\Grand Theft Auto V_is1) (Version: - )
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{28981D56-C55A-4972-998F-823590FD43A2}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
ImageMagick 7.0.6-0 Q16 (64-bit) (2017-06-11) (HKLM\...\ImageMagick 7.0.6 Q16 (64-bit)_is1) (Version: 7.0.6 - ImageMagick Studio LLC)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Network Connections 21.1.29.0 (HKLM\...\PROSetDX) (Version: 21.1.29.0 - Intel)
IrfanView 4.52 (64-bit) (HKLM\...\IrfanView64) (Version: 4.52 - Irfan Skiljan)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
K-Lite Mega Codec Pack 13.1.6 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.1.6 - KLCP)
Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version: - Line 6)
Magic Bullet Suite v13.0.3 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 13.0.3 - Red Giant, LLC)
ManicTime (HKLM-x32\...\{3DC65CAD-FBF2-4E89-A404-99B59145FF5C}) (Version: 4.3.4.0 - Finkit d.o.o.)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 67.0.4 (x64 cs) (HKLM\...\Mozilla Firefox 67.0.4 (x64 cs)) (Version: 67.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: - Native Instruments)
Native Instruments Guitar Rig Session I/O (HKLM-x32\...\Native Instruments Guitar Rig Session I/O) (Version: - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments)
Neat Video for Premiere (HKLM\...\Neat Video for Premiere_is1) (Version: 3.5 - ABSoft)
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.306.000 - Hewlett-Packard) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.13 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.17.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.17.0.126 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 416.16 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.37.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.5 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 416.16 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 416.16 - NVIDIA Corporation) Hidden
Perfect Uninstaller v6.3.4.0 (HKLM\...\Perfect Uninstaller_is1) (Version: - www.PerfectUninstaller.com)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.0 - Power Software Ltd)
PS_AIO_06_C4700_SW_Min (HKLM-x32\...\{C31578B7-B86A-419F-96AC-C85458764B22}) (Version: 140.0.863.000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
QuickTransfer (HKLM-x32\...\{E517094C-06B6-419F-8FFD-EF4F57972130}) (Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7917 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Ripple Desktop Wallet (HKLM\...\{47FAE72F-1C26-43EE-BFB0-9B54A5BA387F}) (Version: 1.4.1 - Rippex)
Ruske / Ukrajinske foneticke klavesnice pro WIN 2000/XP 1.3 (HKLM\...\Ruska / Ukrajinska foneticka klavesnice_is1) (Version: 1.5 - )
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft)
Skype verze 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\Spotify) (Version: 1.1.10.540.gfcf0430f - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.3.4730 - TeamViewer)
Telegram Desktop version 1.4.3 (HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.4.3 - Telegram Messenger LLP)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update for Skype for Business 2015 (KB4464593) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5BDCA2BB-3BAD-4461-A3A7-35B526AC2039}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4464593) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5BDCA2BB-3BAD-4461-A3A7-35B526AC2039}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4464593) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{5BDCA2BB-3BAD-4461-A3A7-35B526AC2039}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4464593) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{5BDCA2BB-3BAD-4461-A3A7-35B526AC2039}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
VueScan x64 (HKLM\...\VueScan x64) (Version: - Hamrick Software)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Youtube Downloader HD v. 2.9.9.30 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)

Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.575.0_x64__v10z8vjag6ke6 [2019-06-28] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Průvodce pro telefon -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-14] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-16] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11723.0_x64__8wekyb3d8bbwe [2019-06-27] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3906236801-542463905-1627191007-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-B7D7B2F7532E} -> [Creative Cloud Files] => C:\Users\Kuba\Creative Cloud Files [2018-05-28 17:25]
CustomCLSID: HKU\S-1-5-21-3906236801-542463905-1627191007-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellExecuteHooks: No Name - {5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} - -> No File
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd) [File not signed]
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [Uninstall] -> {84058084-7609-44D1-B3CC-7A9436CB6D92} => C:\Program Files\Perfect Uninstaller\Contextmenu.dll [2011-11-02] (Guangxi Nanning Qiwang Co. Ltd. -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4-x32: [Uninstall] -> {84058084-7609-44D1-B3CC-7A9436CB6D92} => C:\Program Files\Perfect Uninstaller\Contextmenu.dll [2011-11-02] (Guangxi Nanning Qiwang Co. Ltd. -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd) [File not signed]
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-06-21 11:21 - 2019-06-21 11:21 - 000365568 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Interop.UIAeaff150a#\05ee64ff017c59d981bbdfa943c88605\Interop.UIAutomationClient.ni.dll
2019-03-11 14:32 - 2019-03-11 14:32 - 001316864 _____ () [File not signed] C:\Program Files (x86)\ManicTime\x64\sqlcipher.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 001561600 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Finkit.Mani1352a8e6#\43dc052eaf5252f3ff0a096dda551a5c\Finkit.ManicTime.Shared.XmlSerializers.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 000947712 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Irony\79f3855dae59dc23cabcf777e10d6153\Irony.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 013598720 _____ (.NET Foundation and Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Reactive\b48dd5210ae76cef58c9c3c28152e21d\System.Reactive.ni.dll
2017-06-05 18:31 - 2009-04-16 14:08 - 000248320 _____ (Access Denied) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\hpfpp70v.dll
2019-06-21 11:20 - 2019-06-21 11:20 - 001127424 _____ (Autofac) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Autofac\7acc613af3f4efa5dce24dbec9b323ae\Autofac.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 000163328 _____ (Dominick Baier;Brock Allen) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\IdentityMod705487aa#\a54ad7d542d428c677c8459f9db6143b\IdentityModel.OidcClient.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 002885120 _____ (Finkit d.o.o.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Finkit.Mani24616bc2#\4f06e799190c3e265d086f0980773e1b\Finkit.ManicTime.Common.ni.dll
2019-06-21 11:22 - 2019-06-21 11:22 - 001243136 _____ (Finkit d.o.o.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Finkit.Manic26b69e3#\d31e942853e092efe6ed4f7eb0525261\Finkit.ManicTime.Common.O.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 004182016 _____ (Finkit d.o.o.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Finkit.Manie9c9b897#\513a1eeea6c1df555d242ed448ac3371\Finkit.ManicTime.Tracker.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 001603072 _____ (Finkit d.o.o.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ManicTime.Cc04b5347#\c32fa773e545d048aa32333148626d21\ManicTime.Client.Tracker.Win.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 000065536 _____ (Finkit d.o.o.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ManicTime\051610c71fa164c0756ffdb7a95fbfd9\ManicTime.ni.exe
2019-06-21 11:21 - 2019-06-21 11:21 - 003743744 _____ (Finkit.ManicTime.Shared) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Finkit.Mani497a5306#\15608c329173e146bea916133407007d\Finkit.ManicTime.Shared.ni.dll
2011-04-29 19:08 - 2011-04-29 19:08 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2011-08-18 01:29 - 2011-08-18 01:29 - 001039360 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 001926144 _____ (ManicTime.Client) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ManicTime.Client\6f00d781eae1748734821c8b129ca3ee\ManicTime.Client.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 001376256 _____ (ManicTime.Client.Storage) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ManicTime.C043ae9f8#\7e8e2fdddd5469ccc6ed5219f3cf13fd\ManicTime.Client.Storage.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 001641984 _____ (ManicTime.Client.Tracker) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ManicTime.C107cfc19#\92e6bea85732ccba24a2eea68a76e70f\ManicTime.Client.Tracker.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 000761856 _____ (ManicTime.Client.Tracker.Storage) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ManicTime.C03e9988e#\1708519c56e3bd31e5d24c4bd66318d9\ManicTime.Client.Tracker.Storage.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 003833856 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\5a34fd43a5cc89566b6020a0e2286af8\Newtonsoft.Json.ni.dll
2017-10-24 04:38 - 2017-10-24 04:38 - 000311808 _____ (Power Software Ltd) [File not signed] C:\Program Files\PowerISO\PWRISOSH.DLL
2017-10-24 04:39 - 2017-10-24 04:39 - 000441856 _____ (Power Software Ltd) [File not signed] C:\Program Files\PowerISO\PWRISOVM.EXE
2019-06-21 11:21 - 2019-06-21 11:21 - 011467776 _____ (Shared.Storage) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Shared.Storage\5dbfb47794c83050bc868d678d554896\Shared.Storage.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 001114112 _____ (Xamarin Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SkiaSharp\c608b4dbf18b75f999a81f7a7763aa8a\SkiaSharp.ni.dll
2019-06-21 11:22 - 2019-06-21 11:22 - 000233472 _____ (Zumero, LLC) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SQLitePCLRa3789e0c2#\62fa7b0c40f0d349de34cac4e4db1af4\SQLitePCLRaw.provider.sqlcipher.ni.dll
2019-06-21 11:22 - 2019-06-21 11:22 - 000011264 _____ (Zumero, LLC) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SQLitePCLRaf488fa76#\d7d8a8c3ad012e0c990347af91a2cca2\SQLitePCLRaw.batteries_v2.ni.dll
2019-06-21 11:22 - 2019-06-21 11:22 - 000193024 _____ (Zumero, LLC) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SQLitePCLRaw.core\80c6cce0b8ea581d067b2ef71b11ca51\SQLitePCLRaw.core.ni.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:8927A071 [382]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2015-07-10 13:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ImageMagick-7.0.6-Q16;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-3906236801-542463905-1627191007-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 45.86.180.227 - 185.162.93.213
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{F5AB4BA7-09E2-4A75-B59D-02C7A765F27A}C:\users\kuba\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\kuba\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{A6047765-F3C0-4E17-B009-7DD79F225F4A}C:\users\kuba\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\kuba\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{50BFE750-DE0C-4E4D-9AD0-35FA2D62C01B}C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe (Adobe Systems Incorporated -> Adobe)
FirewallRules: [UDP Query User{3C62EA47-52CC-47E7-B9C4-DC3131BDA508}C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe (Adobe Systems Incorporated -> Adobe)
FirewallRules: [TCP Query User{D3707361-6BA4-49F0-B6C0-F19F88808E19}C:\users\kuba\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kuba\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{AF334917-2A36-4A17-8155-0949EA3411B7}C:\users\kuba\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kuba\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{ED1C42E8-47BE-4568-A745-6DE5131FB8BC}C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe] => (Block) C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe (Adobe Systems Incorporated -> Adobe)
FirewallRules: [UDP Query User{6F7E01E2-3698-4669-A4E2-9DB8A8446AEB}C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe] => (Block) C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe (Adobe Systems Incorporated -> Adobe)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

21-06-2019 09:30:48 Windows Update
30-06-2019 12:23:54 Scheduled Checkpoint
04-07-2019 15:20:37 Removed SafeMyWeb
12-07-2019 00:51:36 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/14/2019 06:08:37 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.

Error: (07/14/2019 06:08:36 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.

Error: (07/14/2019 06:07:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 13.7.2019.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 35fc

Čas spuštění: 01d53a5de6a43c6e

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Users\Kuba\Desktop\FRST64.exe

ID hlášení: 52e22e5d-04a9-4548-803c-3778bc70c52c

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (07/14/2019 06:00:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.

Error: (07/14/2019 05:58:08 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.

Error: (07/14/2019 05:58:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.

Error: (07/14/2019 01:25:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.

Error: (07/14/2019 01:24:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.


System errors:
=============
Error: (07/14/2019 06:10:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (07/14/2019 06:10:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby gupdate bylo dosaženo časového limitu (30000 ms).

Error: (07/14/2019 06:08:27 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT AUTHORITY)
Description: Služba protokolování událostí zjistila při inicializaci publikačních prostředků chybu v kanálu Microsoft-RMS-MSIPC/Debug. V případě analytického nebo ladicího typu kanálu to může znamenat, že došlo také k chybě při inicializaci přihlašovacích prostředků.

Error: (07/14/2019 06:08:27 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT AUTHORITY)
Description: Služba protokolování událostí zjistila při inicializaci publikačních prostředků chybu v kanálu DebugChannel. V případě analytického nebo ladicího typu kanálu to může znamenat, že došlo také k chybě při inicializaci přihlašovacích prostředků.

Error: (07/14/2019 06:08:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Remediation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/14/2019 06:08:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Media Player Network Sharing Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restart the service.

Error: (07/14/2019 06:08:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restart the service.

Error: (07/14/2019 06:08:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Telemetry Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restart the service.


Windows Defender:
===================================
Date: 2019-07-14 13:04:20.691
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {905044F8-B922-4B86-8D6B-2C125F90DB2C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-55V176A\Kuba

Date: 2019-07-05 00:45:46.638
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {315E8E5A-B1A1-4BC0-B3B6-FA1A11F29F90}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-07-04 15:24:31.796
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: High
Kategorie: Tool
Cesta: containerfile:_D:\Stažené soubory\Guitar Pro 6.0.9 + Newest Soundtracks.rar; file:_D:\Stažené soubory\Guitar Pro 6.0.9 + Newest Soundtracks.rar->Guitar Pro 6.0.9\Step 2 - Keygen\Keygen.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Uživatel
Uživatel: DESKTOP-55V176A\Kuba
Název procesu: Unknown
Verze podpisu: AV: 1.297.421.0, AS: 1.297.421.0, NIS: 1.297.421.0
Verze modulu: AM: 1.1.16100.4, NIS: 1.1.16100.4

Date: 2019-07-04 15:23:13.225
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {AF3B60D2-1E5A-4702-B301-5BF1BEC89C12}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: DESKTOP-55V176A\Kuba

Date: 2019-07-04 15:23:13.225
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: High
Kategorie: Tool
Cesta: file:_D:\Stažené soubory\Guitar Pro 6.0.9 + Newest Soundtracks.rar->Guitar Pro 6.0.9\Step 2 - Keygen\Keygen.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Uživatel
Uživatel: DESKTOP-55V176A\Kuba
Název procesu: Unknown
Verze podpisu: AV: 1.297.353.0, AS: 1.297.353.0, NIS: 1.297.353.0
Verze modulu: AM: 1.1.16100.4, NIS: 1.1.16100.4

Date: 2019-07-14 18:09:50.223
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.421.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80072ee7
Popis chyby :The server name or address could not be resolved

Date: 2019-07-14 18:09:50.223
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.421.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80072ee7
Popis chyby :The server name or address could not be resolved

Date: 2019-07-14 18:09:50.223
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.421.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80072ee7
Popis chyby :The server name or address could not be resolved

Date: 2019-07-14 18:09:50.217
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.421.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80072ee7
Popis chyby :The server name or address could not be resolved

Date: 2019-07-14 18:09:50.217
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.421.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80072ee7
Popis chyby :The server name or address could not be resolved

CodeIntegrity:
===================================

Date: 2019-07-14 18:08:26.539
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.

Date: 2019-07-14 17:58:01.505
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.

Date: 2019-07-14 13:24:01.003
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.

Date: 2019-07-14 11:47:50.775
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.

Date: 2019-07-14 11:08:07.608
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.

Date: 2019-07-11 21:04:06.923
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.

Date: 2019-07-11 20:57:42.635
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.

Date: 2019-07-10 14:51:27.120
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. P1.10 11/14/2016
Motherboard: ASRock Z270M Pro4
Processor: Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
Percentage of memory in use: 12%
Total physical RAM: 32732.52 MB
Available physical RAM: 28750.36 MB
Total Virtual: 37596.52 MB
Available Virtual: 32174.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.92 GB) (Free:86.38 GB) NTFS
Drive d: () (Fixed) (Total:931.5 GB) (Free:194.43 GB) NTFS

\\?\Volume{5670ee53-7474-4e3f-b72d-70bb7fb6bd39}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{ffac9eed-4bc7-4652-963a-64d5ea51b640}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Sounds in Russian in Mozilla, instead of the normal cursor an icon of a h

#7 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\MountPoints2: E - "E:\OriginSetup.exe"
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {5104CD04-F9D4-4F57-9B6B-AE8EC0728068} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-07] (Google Inc -> Google Inc.)
Task: {56EFE5B7-5C4A-4403-AF42-6304B13978D3} - System32\Tasks\JSpPUlYEOjGQEpF => rundll32 "C:\Program Files (x86)\rZdaClXBU\LsmDMy.dll",#1
Task: {6AA1EDCB-2767-4884-A595-B32A0D9033CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-07] (Google Inc -> Google Inc.)
Task: {6B202AE3-8316-4BEC-989B-E2C0B834802A} - System32\Tasks\Sk213Pl => C:\Users\Kuba\AppData\Roaming\prunld2619\he66988.exe [1387878 2019-07-04] ( ) [File not signed]
SearchScopes: HKU\S-1-5-21-3906236801-542463905-1627191007-1001 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL =
CHR HomePage: Default -> inline.go.mail.ru
CHR StartupUrls: Default -> "hxxps://mail.ru/cnt/10445?gp=811610"
CHR NewTab: Default -> Active:"chrome-extension://beliehdniadoecbonbhlcgbdldccfigp/visual-bookmarks.html"
CHR DefaultSearchURL: Default -> hxxps://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B0CFACCC3-E582-425E-A0F2-21CE0194C35F%7D&gp=811610
CHR DefaultSearchKeyword: Default -> go.mail.ru
CHR DefaultSuggestURL: Default -> hxxps://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Extension: (Adblocker pro Youtube™) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffpfiaecfobeadhikddakkmaapliokib [2019-07-04] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Mail.Ru) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\iepoegkaoeljnbhagabakjodgpfniimo [2019-07-04]
C:\Users\Kuba\AppData\Local\Tempzxpsign8159335585e1f507
C:\Users\Kuba\AppData\Local\Tempzxpsign0234540b49d298ce
C:\WINDOWS\System32\Tasks\Sk213Pl
C:\WINDOWS\System32\Tasks\JSpPUlYEOjGQEpF
C:\Users\Kuba\AppData\Local\Tempzxpsignfb0572792069154b
C:\Users\Kuba\AppData\Local\Tempzxpsignd687d5b42e9a3f5f
C:\Users\Kuba\AppData\Local\Tempzxpsign87120e1df626d94e
C:\Users\Kuba\AppData\Local\Tempzxpsign4ceebf506a2e321c
ShellExecuteHooks: No Name - {5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} - -> No File
AlternateDataStreams: C:\ProgramData\TEMP:8927A071 [382]

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

asanakis
Visitor
Posts: 15
Registered: 11 Oct 2013 19:06

Re: Sounds in Russian in Mozilla, instead of the normal cursor an icon of a h

#8 Post by asanakis »

Fix result of Farbar Recovery Scan Tool (x64) Version: 13-07-2019
Ran by Kuba (15-07-2019 08:12:03) Run:1
Running from C:\Users\Kuba\Desktop
Loaded Profiles: Kuba (Available Profiles: Kuba)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\MountPoints2: E - "E:\OriginSetup.exe"
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {5104CD04-F9D4-4F57-9B6B-AE8EC0728068} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-07] (Google Inc -> Google Inc.)
Task: {56EFE5B7-5C4A-4403-AF42-6304B13978D3} - System32\Tasks\JSpPUlYEOjGQEpF => rundll32 "C:\Program Files (x86)\rZdaClXBU\LsmDMy.dll",#1
Task: {6AA1EDCB-2767-4884-A595-B32A0D9033CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-07] (Google Inc -> Google Inc.)
Task: {6B202AE3-8316-4BEC-989B-E2C0B834802A} - System32\Tasks\Sk213Pl => C:\Users\Kuba\AppData\Roaming\prunld2619\he66988.exe [1387878 2019-07-04] ( ) [File not signed]
SearchScopes: HKU\S-1-5-21-3906236801-542463905-1627191007-1001 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL =
CHR HomePage: Default -> inline.go.mail.ru
CHR StartupUrls: Default -> "hxxps://mail.ru/cnt/10445?gp=811610"
CHR NewTab: Default -> Active:"chrome-extension://beliehdniadoecbonbhlcgbdldccfigp/visual-bookmarks.html"
CHR DefaultSearchURL: Default -> hxxps://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B0CFACCC3-E582-425E-A0F2-21CE0194C35F%7D&gp=811610
CHR DefaultSearchKeyword: Default -> go.mail.ru
CHR DefaultSuggestURL: Default -> hxxps://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Extension: (Adblocker pro Youtube�) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffpfiaecfobeadhikddakkmaapliokib [2019-07-04] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Mail.Ru) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\iepoegkaoeljnbhagabakjodgpfniimo [2019-07-04]
C:\Users\Kuba\AppData\Local\Tempzxpsign8159335585e1f507
C:\Users\Kuba\AppData\Local\Tempzxpsign0234540b49d298ce
C:\WINDOWS\System32\Tasks\Sk213Pl
C:\WINDOWS\System32\Tasks\JSpPUlYEOjGQEpF
C:\Users\Kuba\AppData\Local\Tempzxpsignfb0572792069154b
C:\Users\Kuba\AppData\Local\Tempzxpsignd687d5b42e9a3f5f
C:\Users\Kuba\AppData\Local\Tempzxpsign87120e1df626d94e
C:\Users\Kuba\AppData\Local\Tempzxpsign4ceebf506a2e321c
ShellExecuteHooks: No Name - {5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} - -> No File
AlternateDataStreams: C:\ProgramData\TEMP:8927A071 [382]

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-3906236801-542463905-1627191007-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5104CD04-F9D4-4F57-9B6B-AE8EC0728068}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5104CD04-F9D4-4F57-9B6B-AE8EC0728068}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{56EFE5B7-5C4A-4403-AF42-6304B13978D3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56EFE5B7-5C4A-4403-AF42-6304B13978D3}" => removed successfully
C:\WINDOWS\System32\Tasks\JSpPUlYEOjGQEpF => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\JSpPUlYEOjGQEpF" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6AA1EDCB-2767-4884-A595-B32A0D9033CC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AA1EDCB-2767-4884-A595-B32A0D9033CC}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6B202AE3-8316-4BEC-989B-E2C0B834802A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B202AE3-8316-4BEC-989B-E2C0B834802A}" => removed successfully
C:\WINDOWS\System32\Tasks\Sk213Pl => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Sk213Pl" => removed successfully
"HKU\S-1-5-21-3906236801-542463905-1627191007-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"Chrome HomePage" => removed successfully
"Chrome StartupUrls" => removed successfully
"Chrome NewTab" => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
"Chrome DefaultSuggestURL" => not found
CHR Extension: (Adblocker pro Youtube�) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffpfiaecfobeadhikddakkmaapliokib [2019-07-04] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION => Error: No automatic fix found for this entry.
CHR Extension: (Mail.Ru) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\iepoegkaoeljnbhagabakjodgpfniimo [2019-07-04] => Error: No automatic fix found for this entry.
C:\Users\Kuba\AppData\Local\Tempzxpsign8159335585e1f507 => moved successfully
C:\Users\Kuba\AppData\Local\Tempzxpsign0234540b49d298ce => moved successfully
"C:\WINDOWS\System32\Tasks\Sk213Pl" => not found
"C:\WINDOWS\System32\Tasks\JSpPUlYEOjGQEpF" => not found
C:\Users\Kuba\AppData\Local\Tempzxpsignfb0572792069154b => moved successfully
C:\Users\Kuba\AppData\Local\Tempzxpsignd687d5b42e9a3f5f => moved successfully
C:\Users\Kuba\AppData\Local\Tempzxpsign87120e1df626d94e => moved successfully
C:\Users\Kuba\AppData\Local\Tempzxpsign4ceebf506a2e321c => moved successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{5F51FFFE-7463-4220-B711-E5B9ACB8EDFE}" => removed successfully
HKLM\Software\Classes\CLSID\{5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} => not found
C:\ProgramData\TEMP => ":8927A071" ADS removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1502234694 B
Java, Flash, Steam htmlcache => 32129046 B
Windows/system/drivers => 15188152 B
Edge => 3662920 B
Chrome => 182840242 B
Firefox => 1140359862 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 75698 B
LocalService => 0 B
NetworkService => 881362 B
NetworkService => 0 B
Kuba => 98981449 B

RecycleBin => 0 B
EmptyTemp: => 2.8 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 08:12:45 ====
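
A way to triage a Fixlog like the one above, written as an added example (not part of the original post and not FRST's own code). It skips the echoed fixlist, classifies each `entry => outcome` line, and separates "not found" results that merely repeat an entry already moved earlier in the same log from those that still need a look. The sample text is a constructed excerpt built from lines of the log above; the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed excerpt: lines copied from the Fixlog above, one or two of each kind.
SAMPLE_FIXLOG = r'''
fixlist content:
*****************
Start
Task: {6B202AE3-8316-4BEC-989B-E2C0B834802A} - System32\Tasks\Sk213Pl => C:\Users\Kuba\AppData\Roaming\prunld2619\he66988.exe [1387878 2019-07-04] ( ) [File not signed]
C:\WINDOWS\System32\Tasks\Sk213Pl
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Google => removed successfully
C:\WINDOWS\System32\Tasks\Sk213Pl => moved successfully
"Chrome DefaultSuggestURL" => not found
CHR Extension: (Mail.Ru) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\iepoegkaoeljnbhagabakjodgpfniimo [2019-07-04] => Error: No automatic fix found for this entry.
"C:\WINDOWS\System32\Tasks\Sk213Pl" => not found
C:\ProgramData\TEMP => ":8927A071" ADS removed successfully

=========== EmptyTemp: ==========

Chrome => 182840242 B
'''

STAR_LINE = re.compile(r'^\*{5,}$')


def result_lines(text):
    """Yield only the 'entry => outcome' result lines of a Fixlog."""
    in_echo = False
    for raw in text.splitlines():
        line = raw.strip()
        if STAR_LINE.match(line):
            in_echo = not in_echo      # the fixlist echo sits between two star lines
            continue
        if in_echo or not line:
            continue
        if line.startswith("=") and "EmptyTemp" in line:
            break                      # what follows are cache sizes, not fix results
        if " => " in line:
            yield line


def classify(outcome):
    if outcome.startswith("Error:"):
        return "error"
    if outcome == "not found":
        return "not_found"
    if outcome.endswith(("removed successfully", "moved successfully")):
        return "fixed"
    return "other"


def triage(text):
    counts = Counter()
    fixed = set()
    report = {"errors": [], "not_found_duplicate": [], "not_found_unexplained": []}
    for line in result_lines(text):
        # rpartition: the outcome is whatever follows the LAST ' => ' on the line
        entry, _, outcome = line.rpartition(" => ")
        key = entry.strip().strip('"').lower()
        kind = classify(outcome.strip())
        counts[kind] += 1
        if kind == "fixed":
            fixed.add(key)
        elif kind == "error":
            report["errors"].append(entry)
        elif kind == "not_found":
            # Same target already handled earlier in this log: a repeated fixlist entry.
            bucket = "not_found_duplicate" if key in fixed else "not_found_unexplained"
            report[bucket].append(key)
    report["counts"] = dict(counts)
    return report


if __name__ == "__main__":
    for name, value in triage(SAMPLE_FIXLOG).items():
        print(name, "->", value)
```

Entries under `errors` are the ones the fix did not touch, so they need manual follow-up; in the log above those are the two Chrome extension lines.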

Rudy
Site Admin
Posts: 118251
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Sounds in Russian in Mozilla, a hand icon instead of the normal cursor

#9 Post by Rudy »

OK. Has anything changed?

asanakis
Visitor
Posts: 15
Joined: 11 Oct 2013 19:06

Re: Sounds in Russian in Mozilla, a hand icon instead of the normal cursor

#10 Post by asanakis »

It seems the Russian sounds have stopped and the cursor is back to normal in the browser. However, I still cannot update the antivirus, the websites of antivirus software vendors are still unreachable, and after running the "fix", because I had to log in again to sites where I had saved credentials, I found that I cannot sign in to Google services. That is, when I fill in the username and click Next, the button does not respond.

Rudy
Site Admin
Posts: 118251
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Sounds in Russian in Mozilla, a hand icon instead of the normal cursor

#11 Post by Rudy »

Does this happen in all browsers? Let's try a cleanup. Run these utilities one after another:

1. Download Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe and save it to the desktop

If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator
Paste the script below into the window

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Then click Run Script
The PC will perform the repair, restart, and give you a log; paste its contents here.

and

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Save it, ideally to the desktop
•After launch the licence terms are displayed; press any key
•A backup is created and then the search begins
•The scan runs and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here.

3. Look in the network settings (name servers) and delete all that are not yours (the Russian ones).

asanakis
Visitor
Posts: 15
Joined: 11 Oct 2013 19:06

Re: Sounds in Russian in Mozilla, a hand icon instead of the normal cursor

#12 Post by asanakis »

The problem shows up in all browsers. Zoek ran more or less normally; I am attaching the log. JRT performed a scan, and when the log was displayed it showed an empty file. When I closed it and tried to find it again, I found that the names of folders and drives had disappeared too. After a restart I ran the scan again. The same thing happened. I restarted again and directly opened the attached log from the second scan. I am attaching that one. I have only one Ethernet network connection.

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by Kuba on 15.07.2019 at 14:11:26,12.
Microsoft Windows 10 Home 10.0.17134 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Kuba\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

15.07.2019 14:12:19 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\MachinerData deleted successfully
C:\PROGRA~2\COMMON~1\Intel Corporation deleted successfully
C:\Program Files\Canon deleted successfully
C:\Program Files\trend micro deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\goodasnew deleted successfully
C:\PROGRA~3\Guitar Pro 6 deleted successfully
C:\PROGRA~3\rgt deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\Kuba\AppData\Roaming\2kezc2z1mzu deleted successfully
C:\Users\Kuba\AppData\Roaming\fj45oder1nz deleted successfully
C:\Users\Kuba\AppData\Roaming\h5dcpigkmqk deleted successfully
C:\Users\Kuba\AppData\Roaming\jbcm11orfba deleted successfully
C:\Users\Kuba\AppData\Roaming\pvrkg3kwx2e deleted successfully
C:\Users\Kuba\AppData\Roaming\tas5aezz4jx deleted successfully
C:\Users\Kuba\AppData\Roaming\Windows deleted successfully
C:\Users\Kuba\AppData\Roaming\xvelreelzha deleted successfully
C:\Users\Kuba\AppData\Local\DBG deleted successfully
C:\Users\Kuba\AppData\Local\GHISLER deleted successfully
C:\Users\Kuba\AppData\Local\Mozilla Firefox deleted successfully
C:\Users\Kuba\AppData\Local\PlaceholderTileLogoFolder deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\DBG deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Packages deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\0ias9eg1.default-release\prefs.js:

Added to C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\0ias9eg1.default-release\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\gmcescro.default-1563190825991\prefs.js:

Added to C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\gmcescro.default-1563190825991\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\0ias9eg1.default-release

user.js not found
---- Lines searchengine removed from prefs.js ----
user_pref("browser.pageActions.persistedActions", "{\"version\":1,\"ids\":[\"bookmark\",\"pinTab\",\"bookmarkSeparator\",\"copyURL\",\"emailLink\",\"a
---- FireFox user.js and prefs.js backups ----

prefs__1422_.backup

ProfilePath: C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\gmcescro.default-1563190825991

user.js not found
---- Lines searchengine removed from prefs.js ----
user_pref("browser.pageActions.persistedActions", "{\"version\":1,\"ids\":[\"bookmark\",\"pinTab\",\"bookmarkSeparator\",\"copyURL\",\"emailLink\",\"a
---- FireFox user.js and prefs.js backups ----

prefs__1422_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\MachinerData not found
C:\PROGRA~2\Red Giant deleted
C:\Users\Kuba\AppData\Local\Red Giant deleted
C:\Users\Kuba\AppData\Roaming\HandBrake deleted
C:\Users\Kuba\AppData\Roaming\GetRightToGo deleted
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\Safer-Networking.log deleted
C:\PROGRA~3\{30FA7941-4170-4C83-A9A8-FDF01C431704} deleted
C:\PROGRA~3\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14} deleted
C:\PROGRA~3\{B7072B15-6E80-42FF-A9AE-4E62AF2B2418} deleted
C:\PROGRA~3\{CB28D9D3-6B5D-4AFA-BA37-B4AFAAAF71B9} deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Kuba\AppData\Local\oobelibMkey.log deleted
C:\windows\SysNative\GroupPolicy\Adm deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\gmcescro.default-1563190825991\extensions\staged deleted
C:\Users\Kuba\Desktop\Youtube Downloader HD.lnk deleted
"C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\oobelibMkey.log" not deleted
"C:\Programdata\Windows\data.dat" deleted
"C:\Programdata\Windows\Default\desktop" deleted
"C:\Programdata\Windows" deleted
"C:\Programdata\Windows\Default" deleted
"C:\windows\SysNative\GroupPolicy\Machine" deleted

==== Orphaned Tasks deleted from Registry ======================

klcp_update deleted
WarThunder0 deleted
WarThunder1 deleted
WarThunder2 deleted
WarThunder3 deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\0ias9eg1.default-release
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\gmcescro.default-1563190825991
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\gmcescro.default-1563190825991
- short_ __MSG_name__ - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\0ias9eg1.default-release
- C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll - [?]
- C:\Program Files x86\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll - [?]
- C:\Program Files x86\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll - [?]
- C:\PROGRA1\MICROS1\Office15\NPSPWRAP.DLL - [?]

Profilepath: C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\gmcescro.default-1563190825991
- C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll - [?]
- C:\Program Files x86\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll - [?]
- C:\Program Files x86\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll - [?]
- C:\PROGRA1\MICROS1\Office15\NPSPWRAP.DLL - [?]


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
beliehdniadoecbonbhlcgbdldccfigp - No path found[]
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]
iepoegkaoeljnbhagabakjodgpfniimo - No path found[]

Домашняя страница и поиск от Mail.Ru - Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\iepoegkaoeljnbhagabakjodgpfniimo
Chrome Media Router - Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02

==== Reset Google Chrome ======================

C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kuba\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Kuba\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Kuba\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Kuba\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Kuba\AppData\Local\Mozilla\Firefox\Profiles\0ias9eg1.default-release\cache2 emptied successfully
C:\Users\Kuba\AppData\Local\Mozilla\Firefox\Profiles\gmcescro.default-1563190825991\cache2 emptied successfully

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=95 folders=72 110792398 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Kuba\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Kuba\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\oobelibMkey.log" not deleted

==== EOF on 15.07.2019 at 14:27:48,35 ======================




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Home x64
Ran by Kuba (Administrator) on 15.07.2019 at 14:36:19,09
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.07.2019 at 14:37:35,22
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Rudy
Site Admin
Posts: 118251
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Sounds in Russian in Mozilla, a hand icon instead of the normal cursor

#13 Post by Rudy »

OK, deleted. In the network settings you need to remove in particular 185.162.93.213 and 185.4.65.4, plus any others that are not related to your connection (that you did not get from your provider).
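
The name-server check from steps 3 and the reply above, as an added example (not part of the original posts): it reads the text of `ipconfig /all`, collects the DNS servers listed for each adapter, and reports every address that is not in the set the user expects from their provider or router. It assumes English-language `ipconfig` output; the sample output, the adapter names, the expected resolver 192.168.1.1 and the function names are constructed for illustration, while the two flagged addresses are the ones named in the thread.

```python
import ipaddress
import re

# "   Field name . . . . : value" lines of ipconfig /all (English output assumed).
FIELD = re.compile(r'^\s+([^.:]+?)(?:\s*\.)+\s*:\s*(.*)$')

# Constructed sample output; only the two 185.x addresses come from the thread.
SAMPLE_IPCONFIG = """\
Windows IP Configuration

Ethernet adapter Ethernet:

   Description . . . . . . . . . . . : Example NIC
   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.23(Preferred)
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 185.162.93.213
                                       185.4.65.4
                                       192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wi-Fi:

   Description . . . . . . . . . . . : Example WLAN
   DNS Servers . . . . . . . . . . . : 192.168.1.1
"""


def dns_servers_by_adapter(text):
    """Return {adapter name: [ip, ...]} for every 'DNS Servers' field."""
    servers = {}
    adapter = None
    in_dns = False
    for line in text.splitlines():
        if not line.strip():
            in_dns = False
            continue
        if not line[0].isspace():
            # Unindented line: an adapter header ends with ':', anything else is a banner.
            stripped = line.rstrip()
            adapter = stripped[:-1] if stripped.endswith(":") else None
            in_dns = False
            continue
        m = FIELD.match(line)
        if m:
            in_dns = m.group(1).strip() == "DNS Servers"
            value = m.group(2)
        else:
            value = line               # continuation line of the previous field
        if not (in_dns and adapter):
            continue
        try:
            # Drop an IPv6 zone id such as '%12' before parsing.
            ip = ipaddress.ip_address(value.strip().split("%")[0])
        except ValueError:
            continue
        servers.setdefault(adapter, []).append(ip)
    return servers


def unexpected_resolvers(text, expected):
    """Return {adapter: [addresses]} for DNS servers outside the expected set."""
    allowed = {ipaddress.ip_address(a) for a in expected}
    findings = {}
    for adapter, ips in dns_servers_by_adapter(text).items():
        bad = [str(ip) for ip in ips if ip not in allowed]
        if bad:
            findings[adapter] = bad
    return findings


if __name__ == "__main__":
    # Assumption: 192.168.1.1 is the resolver handed out by the user's own router.
    print(unexpected_resolvers(SAMPLE_IPCONFIG, ["192.168.1.1"]))
```

The check only sees what the host is configured with; resolvers changed on the router itself would show up as the router's address and need to be checked there.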

asanakis
Visitor
Posts: 15
Joined: 11 Oct 2013 19:06

Re: Sounds in Russian in Mozilla, a hand icon instead of the normal cursor

#14 Post by asanakis »

Thank you very much. It seems everything now works as it should.

Rudy
Site Admin
Posts: 118251
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Sounds in Russian in Mozilla, a hand icon instead of the normal cursor

#15 Post by Rudy »

You're welcome! :)

Locked