Prosím o kontrolu logu problém při prohlížení netu

Zpráva

Antusek · #31 Příspěvek od **Antusek** » 02 úno 2020 21:50

Typ unicode tam nemám. Mám tam:

ANSI
UTF -16 LE
UTF -16 BE
UTF-8
UTF-8 s BOM

Co mám vybrat?
díky za další rady

Antusek · #32 Příspěvek od **Antusek** » 02 úno 2020 22:14

Další úkony udělám zítra večer.

#33 Příspěvek od **Conder** » 02 úno 2020 23:22

Aha, pardon, zabudol som na zmenu v novych verziach Windows 10. Mozes vybrat UTF-8.

Antusek · #34 Příspěvek od **Antusek** » 03 úno 2020 19:54

Díky. Jdu na to. Pak vložím log.

Antusek · #35 Příspěvek od **Antusek** » 03 úno 2020 20:04

Posílám log. Akorát Antivirus Avira upozornil, že zablokoval přístup k host souborům.
Dík za další rady.

Fix result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by Admin (03-02-2020 19:59:49) Run:1
Running from D:\Aviry
Loaded Profiles: Admin (Available Profiles: Admin)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\Run: [] => [X]
HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [33792 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [4615616 2019-11-29] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
CMD: type "C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kc08x7df.default\user.js"
FF user.js: detected! => C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kc08x7df.default\user.js [2020-01-31]
FF NewTab: Mozilla\Firefox\Profiles\kc08x7df.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10092__200127
U3 aswbdisk; no ImagePath
U3 iswSvc; no ImagePath
2020-01-09 17:41 - 2020-01-09 17:41 - 000000184 _____ C:\Windows\AutoKMS.ini
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => -> No File
FirewallRules: [{82853DEF-9A70-4CA4-A710-EE1D9A6E31AD}] => (Allow) 㩃啜敳獲䅜浤湩䅜灰慄慴剜慯業杮癜敩屷楶睥攮數 No File
FirewallRules: [{E3D8594B-28BB-4C81-BB40-4996B7FD8756}] => (Allow) 㩃啜敳獲䅜浤湩䅜灰慄慴剜慯業杮癜敩屷档潲敭牤癩牥攮數 No File
FirewallRules: [{F19C8B75-34AE-4368-A1B1-76A3AB3724F3}] => (Allow) 㩃啜敳獲䅜浤湩䅜灰慄慴剜慯業杮癜敩屷桃潲敭䅜灰楬慣楴湯䍜牨浯⹥硥e No File
FirewallRules: [{31D2ECEC-BBBA-4AA4-B172-E8DE5FCFE3A3}] => (Allow) 㩃啜敳獲䅜浤湩䅜灰慄慴剜慯業杮癜敩屷楶睥⹕硥e No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========

Count : 11
Average :
Sum : 16853
Maximum :
Minimum :
Property : Length

========= End of Powershell: =========

"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-722231672-965411127-3486821242-1001\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-722231672-965411127-3486821242-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit" => removed successfully
"HKU\S-1-5-21-722231672-965411127-3486821242-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully

========= type "C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kc08x7df.default\user.js" =========

user_pref("extensions.blocklist.enabled",false);
user_pref("extensions.update.enabled",false);
user_pref("app.normandy.enabled",false);
user_pref("app.normandy.api_url",);
user_pref("app.shield.optoutstudies.enabled",false);
user_pref("beacon.enabled",false);
user_pref("browser.cache.disk.enable",false);
user_pref("browser.cache.disk_cache_ssl",false);
user_pref("browser.cache.offline.enable",false);
user_pref("browser.display.use_document_fonts",0);
user_pref("browser.fixup.alternate.enabled",false);
user_pref("browser.formfill.enable",false);
user_pref("browser.link.open_newwindow.restriction",0);
user_pref("browser.library.activity-stream.enabled",false);
user_pref("browser.newtabpage.enabled",false);
user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons",false);
user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features",false);
user_pref("browser.newtabpage.activity-stream.telemetry",false);
user_pref("browser.newtabpage.activity-stream.feeds.sections",false);
user_pref("browser.newtabpage.activity-stream.feeds.snippets",false);
user_pref("browser.newtabpage.activity-stream.feeds.telemetry",false);
user_pref("browser.newtabpage.activity-stream.feeds.systemtick",false);
user_pref("browser.newtabpage.activity-stream.feeds.topsites",false);
user_pref("browser.newtabpage.activity-stream.feeds.section.topstories.options",);
user_pref("browser.newtabpage.activity-stream.telemetry.ping.endpoint",);
user_pref("browser.pagethumbnails.capturing_disabled",true);
user_pref("browser.ping-centre.telemetry",false);
user_pref("browser.ping-centre.production.endpoint",);
user_pref("browser.ping-centre.staging.endpoint",);
user_pref("browser.safebrowsing.phishing.enabled",false);
user_pref("browser.safebrowsing.malware.enabled",false);
user_pref("browser.safebrowsing.blockedURIs.enabled",false);
user_pref("browser.safebrowsing.downloads.enabled",false);
user_pref("browser.safebrowsing.downloads.remote.enabled",false);
user_pref("browser.safebrowsing.downloads.remote.block_dangerous",false);
user_pref("browser.safebrowsing.downloads.remote.block_dangerous_host",false);
user_pref("browser.safebrowsing.downloads.remote.block_potentially_unwanted",false);
user_pref("browser.safebrowsing.downloads.remote.block_uncommon",false);
user_pref("browser.safebrowsing.downloads.remote.url",);
user_pref("browser.safebrowsing.provider.google.gethashURL",);
user_pref("browser.safebrowsing.provider.google.updateURL",);
user_pref("browser.safebrowsing.provider.google4.gethashURL",);
user_pref("browser.safebrowsing.provider.google4.updateURL",);
user_pref("browser.safebrowsing.provider.mozilla.gethashURL",);
user_pref("browser.safebrowsing.provider.mozilla.updateURL",);
user_pref("browser.search.countryCodeDE",);
user_pref("browser.search.geoSpecificDefaults",false);
user_pref("browser.search.geoip.url",);
user_pref("browser.search.suggest.enabled",false);
user_pref("browser.search.reset.enabled",false);
user_pref("browser.search.reset.status",);
user_pref("browser.search.widget.inNavBar",true);
user_pref("browser.sessionstore.max_tabs_undo",0);
user_pref("browser.sessionstore.max_windows_undo",0);
user_pref("browser.sessionstore.privacy_level",2);
user_pref("browser.slowStartup.notificationDisabled",true);
user_pref("browser.slowStartup.maxSamples",0);
user_pref("browser.slowStartup.samples",0);
user_pref("browser.startup.page",0);
user_pref("browser.tabs.crashReporting.sendReport",false);
user_pref("browser.urlbar.speculativeConnect.enabled",false);
user_pref("browser.urlbar.trimURLs",false);
user_pref("browser.urlbar.oneOffSearches",false);
user_pref("browser.urlbar.suggest.openpage",false);
user_pref("browser.urlbar.suggest.searches",false);
user_pref("camera.control.face_detection.enabled",false);
user_pref("startup.homepage_welcome_url",);
user_pref("datareporting.healthreport.uploadEnabled",false);
user_pref("datareporting.policy.dataSubmissionEnabled",false);
user_pref("device.sensors.enabled",false);
user_pref("devtools.webide.enabled",false);
user_pref("dom.enable_performance",false);
user_pref("dom.enable_performance_navigation_timing",false);
user_pref("dom.enable_resource_timing",false);
user_pref("dom.gamepad.enabled",false);
user_pref("dom.push.connection.enabled",false);
user_pref("dom.webaudio.enabled",false);
user_pref("dom.webnotifications.enabled",false);
user_pref("extensions.blocklist.enabled",false);
user_pref("extensions.formautofill.addresses.enabled",false);
user_pref("extensions.formautofill.creditCards.enabled",false);
user_pref("extensions.formautofill.heuristics.enabled",false);
user_pref("extensions.getAddons.cache.enabled",false);
user_pref("extensions.htmlaboutaddons.recommendations.enabled",false);
user_pref("extensions.htmlaboutaddons.discover.enabled",false);
user_pref("extensions.ui.lastCategory",addons://list/extension/extension);
user_pref("extensions.pocket.enabled",false);
user_pref("extensions.screenshots.disabled",true);
user_pref("extensions.screenshots.upload-disabled",true);
user_pref("extensions.systemAddon.update.enabled",false);
user_pref("extensions.systemAddon.update.enabled",false);
user_pref("extensions.webextensions.restrictedDomains",);
user_pref("extensions.getAddons.cache.enabled",false);
user_pref("font.blacklist.underline_offset",);
user_pref("geo.wifi.uri",);
user_pref("gfx.font_rendering.opentype_svg.enabled",true);
user_pref("layout.css.font-loading-api.enabled",false);
user_pref("layers.acceleration.disabled",true);
user_pref("media.cache_size",0);
user_pref("media.eme.enabled",false);
user_pref("media.navigator.enabled",false);
user_pref("media.navigator.video.enabled",false);
user_pref("media.peerconnection.enabled",false);
user_pref("media.video_stats.enabled",false);
user_pref("media.webspeech.synth.enabled",false);
user_pref("network.allow-experiments",false);
user_pref("network.captive-portal-service.enabled",false);
user_pref("network.dns.disablePrefetch",true);
user_pref("network.http.altsvc.enabled",false);
user_pref("network.http.altsvc.oe",false);
user_pref("network.http.referer.XOriginPolicy",2);
user_pref("network.IDN_show_punycode",true);
user_pref("network.http.speculative-parallel-limit",0);
user_pref("network.manage-offline-status",false);
user_pref("offline-apps.allow_by_default",false);
user_pref("offline-apps.quota.warn",0);
user_pref("permissions.default.geo",2/td>);
user_pref("places.history.enabled",false);
user_pref("plugin.default.state",0);
user_pref("plugins.enumerable_names",);
user_pref("plugins.hideMissingPluginsNotification",true);
user_pref("privacy.clearOnShutdown.cache",true);
user_pref("privacy.clearOnShutdown.cookies",true);
user_pref("privacy.clearOnShutdown.downloads",true);
user_pref("privacy.clearOnShutdown.formdata",true);
user_pref("privacy.clearOnShutdown.history",true);
user_pref("privacy.clearOnShutdown.offlineApps",true);
user_pref("privacy.clearOnShutdown.sessions",true);
user_pref("privacy.clearOnShutdown.siteSettings",true);
user_pref("extensions.webextensions.restrictedDomains",);
user_pref("privacy.sanitize.sanitizeOnShutdown",true);
user_pref("privacy.history.custom",true);
user_pref("privacy.userContext.enabled",true);
user_pref("privacy.userContext.ui.enabled",true);
user_pref("privacy.usercontext.about_newtab_segregation.enabled",true);
user_pref("privacy.userContext.longPressBehavior",2);
user_pref("reader.parse-on-load.enabled",false);
user_pref("security.mixed_content.block_active_content",true);
user_pref("security.mixed_content.upgrade_display_content",true);
user_pref("security.cert_pinning.enforcement_level",2);
user_pref("security.family_safety.mode",0);
user_pref("security.insecure_connection_icon.enabled",true);
user_pref("security.insecure_connection_icon.pbmode.enabled",true);
user_pref("security.insecure_connection_text.enabled",true);
user_pref("security.insecure_connection_text.pbmode.enabled",true);
user_pref("security.ssl.require_safe_negotiation",true);
user_pref("security.ssl.treat_unsafe_negotiation_as_broken",true);
user_pref("signon.autofillForms",false);
user_pref("signon.formlessCapture.enabled",false);
user_pref("toolkit.coverage.opt-out",true);
user_pref("toolkit.coverage.endpoint.base",);
user_pref("toolkit.telemetry.archive.enabled",false);
user_pref("toolkit.telemetry.coverage.opt-out",true);
user_pref("toolkit.telemetry.firstShutdownPing.enabled",false);
user_pref("toolkit.telemetry.hybridContent.enabled",false);
user_pref("toolkit.telemetry.bhrPing.enabled",false);
user_pref("toolkit.telemetry.newProfilePing.enabled",false);
user_pref("toolkit.telemetry.shutdownPingSender.enabled",false);
user_pref("toolkit.telemetry.updatePing.enabled",false);
user_pref("toolkit.telemetry.unified",false);
user_pref("webgl.disable-extensions",true);
user_pref("webgl.min_capability_mode",true);
user_pref("webgl.disable-fail-if-major-performance-caveat",true);
user_pref("webgl.enable-debug-renderer-info",false);
user_pref("browser.shell.checkDefaultBrowser",false);
user_pref("extensions.autoDisableScopes",0);
user_pref("app.update.enabled",false);
user_pref("(enterprise_active)",true);

========= End of CMD: =========

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kc08x7df.default\user.js => moved successfully
"Firefox newtab" => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => removed successfully
aswbdisk => service removed successfully
HKLM\System\CurrentControlSet\Services\iswSvc => removed successfully
iswSvc => service removed successfully
C:\Windows\AutoKMS.ini => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PDFCreator.ShellContextMenu => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{82853DEF-9A70-4CA4-A710-EE1D9A6E31AD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E3D8594B-28BB-4C81-BB40-4996B7FD8756}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F19C8B75-34AE-4368-A1B1-76A3AB3724F3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{31D2ECEC-BBBA-4AA4-B172-E8DE5FCFE3A3}" => removed successfully
Could not move "C:\Windows\System32\Drivers\etc\hosts" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8558872 B
Java, Flash, Steam htmlcache => 1188 B
Windows/system/drivers => 1435578 B
Edge => 78551 B
Chrome => 17999979 B
Firefox => 24506257 B
Opera => 148720 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4652 B
NetworkService => 4652 B
Admin => 817769615 B

RecycleBin => 0 B
EmptyTemp: => 840 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 03-02-2020 20:01:26)

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

==== End of Fixlog 20:01:26 ====

#36 Příspěvek od **Conder** » 03 úno 2020 21:36

Resetovanie hosts suboru bolo sucastou fixlistu, preto to upozornenie. Poprosim este raz o nove logy z FRST.

Antusek · #37 Příspěvek od **Antusek** » 03 úno 2020 21:41

Posílám logy a dík za další rady.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02
Ran by Admin (administrator) on DESKTOP-1U0LM3C (03-02-2020 21:38:07)
Running from D:\Aviry
Loaded Profiles: Admin (Available Profiles: Admin)
Platform: Windows 10 Home Version 1909 18363.592 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems Inc.) [File not signed] D:\Programy\Adobe\Adobe Acrobat Distiller 5.0\Distillr\AcroTray.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) D:\Fotoeditory\Adobe Photoshop Elements 11\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(ASUSTeK Computer Inc. -> ) C:\Windows\System32\AsusUpdateCheck.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) D:\Aviry\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) D:\Aviry\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) D:\Aviry\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) D:\Aviry\Avira\Antivirus\protectedservice.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) D:\Aviry\Avira\Antivirus\sched.exe
(Geek Software GmbH -> Geek Software GmbH) D:\Programy\PDF24\pdf24.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett Packard -> Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Check Point Software Technologies Ltd. -> ) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) D:\Aviry\CheckPoint\ZoneAlarm\zatray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\updater-ws.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\ws.exe
(Piriform Software Ltd -> Piriform Ltd) D:\Aviry\CCleaner\CCleaner64.exe
(Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe
Failed to access process -> Pm70.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [2785304 2020-01-28] (Opera Software AS -> Opera Software)
HKLM-x32\...\Run: [ZoneAlarm] => D:\Aviry\CheckPoint\ZoneAlarm\zatray.exe [326448 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\Run: [CCleaner Smart Cleaning] => D:\Aviry\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-16] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Avira.lnk [2020-02-02]
ShortcutTarget: Avira.lnk -> C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acrobat Assistant.lnk [2020-01-31]
ShortcutTarget: Acrobat Assistant.lnk -> D:\Programy\Adobe\Adobe Acrobat Distiller 5.0\Distillr\AcroTray.exe (Adobe Systems Inc.) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2019-11-26]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1BE40A9B-3D3C-46F1-98D0-2F0443256942} - System32\Tasks\doPDF 10 Telemetry => C:\Program Files\Softland\novaPDF 10\Driver\GoogleAnalytics.exe [51504 2020-01-22] (Softland SRL -> )
Task: {26F6B29D-8041-4014-A8B1-887015FC39CD} - System32\Tasks\Opera scheduled assistant Autoupdate 1580117963 => C:\Program Files (x86)\Opera\launcher.exe [1350680 2020-01-22] (Opera Software AS -> Opera Software)
Task: {30515FA6-F9ED-44C5-8EFA-8506DAE5A0F2} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-1U0LM3C-Admin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {31F2F915-2C43-4B33-A791-0F6B2BF361B1} - System32\Tasks\Opera scheduled Autoupdate 1574800406 => C:\Program Files (x86)\Opera\launcher.exe [1350680 2020-01-22] (Opera Software AS -> Opera Software)
Task: {3E71E1A5-2EFB-4D64-9774-A612A75B9C91} - System32\Tasks\doPDF 10 Update => C:\Program Files\Softland\novaPDF 10\Driver\UpdateApplication.exe [98608 2020-01-22] (Softland SRL -> )
Task: {41F43FA7-7199-4F51-8BB7-6C396C188626} - System32\Tasks\CCleanerSkipUAC => D:\Aviry\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {45D3064C-3490-40EA-A308-48CC75246022} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-11-26] (Google Inc -> Google Inc.)
Task: {6D0F4719-6443-4675-A203-79D1F80F2BD1} - System32\Tasks\Avira_Antivirus_Systray => D:\Aviry\Avira\Antivirus\avgnt.exe [2757672 2019-11-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {98AED33B-F8AF-4B63-A24A-A0B3C9CC1457} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {B01B9418-6846-4E2E-A1D2-A7B9F27667D9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-11-26] (Google Inc -> Google Inc.)
Task: {B3F8FF2A-AF7C-41B7-A3DF-C3DD0781737E} - System32\Tasks\CCleaner Update => D:\Aviry\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BB9C4A9E-8903-42A2-9BCF-77E08E69BE01} - System32\Tasks\klcp_update => D:\Prográmky\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1724928 2019-11-16] () [File not signed]
Task: {E948ECFF-5A89-46DA-AE8D-EFA7EF4E35F1} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {FFDCBDCA-7CFB-4740-B675-7E5A751731CC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-11-26] (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{266e809c-ac84-4a9e-b962-f5e47fcf4ea6}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
BHO: PDF Architect 7 Helper -> {2B035CAB-1F3D-4DE6-A32D-39B9E5F456D0} -> C:\Program Files\PDF Architect 7\creator\plugins\IEAddin\creator-ie-helper.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: PDF Architect 7 Helper -> {2B035CAB-1F3D-4DE6-A32D-39B9E5F456D0} -> C:\Program Files (x86)\PDF Architect 7\creator\plugins\IEAddin\creator-ie-helper.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - PDF Architect 7 Toolbar - {61E612A7-2382-4570-8D3F-42BC136DDAD7} - C:\Program Files\PDF Architect 7\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM-x32 - PDF Architect 7 Toolbar - {61E612A7-2382-4570-8D3F-42BC136DDAD7} - C:\Program Files (x86)\PDF Architect 7\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH)

FireFox:
========
FF DefaultProfile: kc08x7df.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kc08x7df.default [2020-02-03]
FF Extension: (uBlock Origin) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kc08x7df.default\Extensions\uBlock0@raymondhill.net.xpi [2019-11-27]
FF HKLM\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi
FF Extension: (PDF Architect 7 Creator) - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi [2019-10-02]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2020-02-03]
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Extension: (uBlock Origin) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-01-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-26]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-01-31]

Opera:
=======
OPR Extension: (uBlock Origin) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2019-11-28]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor10.0; D:\Fotoeditory\Adobe Photoshop Elements 11\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S2 AntiVirMailService; D:\Aviry\Avira\Antivirus\avmailc7.exe [1210168 2019-12-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; D:\Aviry\Avira\Antivirus\ProtectedService.exe [535352 2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; D:\Aviry\Avira\Antivirus\sched.exe [484768 2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; D:\Aviry\Avira\Antivirus\avguard.exe [484768 2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; D:\Aviry\Avira\Antivirus\avwebg7.exe [574848 2020-01-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [768408 2020-02-03] (ASUSTeK Computer Inc. -> )
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [617520 2020-01-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
U2 CPEFR; C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe [2825976 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 CpSbaCipolla; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-10-29] (Check Point Software Technologies Ltd. -> )
R2 CpSbaUpdater; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-10-29] (Check Point Software Technologies Ltd. -> )
S3 MBAMService; D:\Aviry\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2020-01-31] (Malwarebytes Inc -> Malwarebytes)
S3 Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Office14\GROOVE.EXE [30963576 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NovaPdf10Server; C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe [52528 2020-01-22] (Softland SRL -> Microsoft)
R3 PDF Architect 7; C:\Program Files\PDF Architect 7\ws.exe [2579752 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 7 Creator; C:\Program Files\PDF Architect 7\creator\common\creator-ws.exe [692008 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 7 Update Service; C:\Program Files\PDF Architect 7\updater-ws.exe [1832232 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF24; D:\Programy\PDF24\pdf24.exe [487048 2019-10-21] (Geek Software GmbH -> Geek Software GmbH)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RemediationService; C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe [18168 2019-11-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 TESvc; C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe [301304 2019-11-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 vsmon; D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe [4501544 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-26] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZA NET ICM Service; C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe [40304 2019-02-07] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 ZAARUpdateService; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe [51936 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 ZAPrivacyService; D:\Aviry\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio2; C:\Windows\System32\drivers\amdgpio2.sys [45832 2019-10-01] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [24424 2016-08-12] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AMDPCIDev; C:\Windows\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [243048 2017-06-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [78936 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\Windows\System32\drivers\avelam.sys [22336 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [207784 2019-12-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [197176 2019-09-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 cpbak; C:\Windows\System32\DRIVERS\cpbak.sys [66848 2019-11-05] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 CPEPMon; C:\Windows\System32\DRIVERS\CPEPMon.sys [110880 2019-11-05] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-18] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-18] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\Windows\system32\DRIVERS\dot4usb.sys [49056 2012-10-18] (Hewlett-Packard Company -> Microsoft Corporation)
R1 epnetflt; C:\Windows\system32\drivers\epnetflt.sys [130336 2019-10-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 epregflt; C:\Windows\system32\drivers\epregflt.sys [132176 2019-05-01] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R2 ISWKL; C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\ISWKL.sys [65264 2019-08-12] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2020-01-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_db678424d2641c3d\nvlddmkm.sys [22094728 2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
R1 Vsdatant; C:\Windows\System32\drivers\vsdatant.sys [461240 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46472 2019-11-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [351968 2019-11-26] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-26] (Microsoft Windows -> Microsoft Corporation)
U3 iswSvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-03 20:04 - 2020-02-03 20:04 - 000000000 _____ C:\Windows\cpepmon.mlf
2020-02-02 22:16 - 2020-02-02 22:17 - 000000192 _____ C:\Users\Admin\Desktop\Mail.ru.url
2020-02-02 19:07 - 2020-02-02 19:08 - 000000000 ____D C:\AdwCleaner
2020-02-02 13:55 - 2020-02-02 13:55 - 000043268 _____ C:\Users\Admin\Documents\Ples ke 150. výročí T.J. Sokol Praha Vršovice 1.2.2020.wlmp
2020-02-02 09:38 - 2020-02-02 09:38 - 000227244 _____ C:\Users\Admin\Downloads\Hluboká pravda z ��st lékaře vojenské nemocnice.pdf
2020-01-31 20:46 - 2020-01-31 20:46 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Softland
2020-01-31 20:45 - 2020-01-31 20:45 - 000003688 _____ C:\Windows\system32\Tasks\doPDF 10 Update
2020-01-31 20:45 - 2020-01-31 20:45 - 000003674 _____ C:\Windows\system32\Tasks\doPDF 10 Telemetry
2020-01-31 20:45 - 2020-01-31 20:45 - 000000000 ____D C:\Users\Admin\AppData\Local\Softland
2020-01-31 20:45 - 2020-01-31 20:45 - 000000000 ____D C:\ProgramData\Softland
2020-01-31 20:45 - 2020-01-31 20:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doPDF 10
2020-01-31 20:45 - 2020-01-31 20:45 - 000000000 ____D C:\Program Files\Softland
2020-01-31 20:45 - 2020-01-31 20:45 - 000000000 ____D C:\Program Files (x86)\Softland
2020-01-31 20:03 - 2020-01-31 20:06 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Wondershare
2020-01-31 20:03 - 2020-01-31 20:03 - 000000000 ____D C:\Users\Admin\AppData\Local\Wondershare
2020-01-31 20:02 - 2020-01-31 20:06 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2020-01-31 19:10 - 2020-01-31 19:10 - 000000000 ____D C:\Users\Admin\AppData\Roaming\PrimoPDF
2020-01-31 19:08 - 2020-01-31 19:10 - 000000000 ____D C:\Program Files (x86)\Nitro PDF
2020-01-31 19:08 - 2015-09-01 14:41 - 000095008 _____ C:\Windows\system32\Primomonnt.dll
2020-01-31 19:01 - 2020-01-31 19:01 - 000000000 ____D C:\Users\Admin\AppData\Roaming\inst
2020-01-31 18:52 - 2020-01-31 18:52 - 002326656 _____ C:\Windows\cadkasdeinst01.exe
2020-01-31 18:52 - 2020-01-31 18:52 - 000000000 ____D C:\Users\Admin\AppData\Roaming\CAD-KAS
2020-01-31 16:58 - 2020-01-31 16:59 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-01-31 16:58 - 2020-01-31 16:59 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2020-01-31 16:58 - 2020-01-31 16:59 - 000000927 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-01-31 16:58 - 2020-01-31 16:58 - 000000000 ____D C:\Users\Admin\AppData\Local\mbamtray
2020-01-31 16:58 - 2020-01-31 16:58 - 000000000 ____D C:\Users\Admin\AppData\Local\mbam
2020-01-31 16:58 - 2020-01-31 16:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-01-31 16:58 - 2020-01-31 16:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-01-31 16:30 - 2020-02-03 21:38 - 000000000 ____D C:\FRST
2020-01-30 09:19 - 2020-01-30 09:19 - 001363429 _____ C:\Users\Admin\Downloads\VID-20170114-WA0003.mp4
2020-01-28 00:17 - 2020-02-03 20:00 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Temp
2020-01-27 23:49 - 2020-01-31 21:17 - 000000000 ____D C:\Users\Admin\AppData\Roaming\view
2020-01-27 23:49 - 2020-01-27 23:49 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\view
2020-01-27 23:48 - 2020-02-02 19:08 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Lavasoft
2020-01-27 23:48 - 2020-02-02 19:08 - 000000000 ____D C:\Users\Admin\AppData\Local\Lavasoft
2020-01-27 23:48 - 2020-02-02 19:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-01-27 23:48 - 2020-02-02 19:08 - 000000000 ____D C:\ProgramData\Lavasoft
2020-01-27 23:48 - 2020-02-02 19:08 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2020-01-27 23:48 - 2020-01-27 23:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vso
2020-01-27 23:48 - 2020-01-27 23:48 - 000000000 ____D C:\Program Files (x86)\vso
2020-01-27 22:42 - 2020-01-27 22:42 - 000000000 ____D C:\Users\Admin\AppData\Roaming\PDF Producer
2020-01-27 21:43 - 2020-01-27 21:43 - 000001189 _____ C:\Users\Public\Desktop\Avira.lnk
2020-01-27 10:39 - 2020-01-29 10:39 - 000004194 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1580117963
2020-01-22 11:06 - 2020-01-22 11:06 - 000018944 _____ (Softland) C:\Windows\system32\novamn10.dll
2020-01-22 11:06 - 2020-01-22 11:06 - 000015872 _____ (Softland) C:\Windows\system32\novami10.dll
2020-01-20 22:28 - 2020-01-27 23:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-01-17 14:56 - 2020-01-17 14:56 - 012381996 _____ C:\Users\Admin\Downloads\getfvid_10000000_2196253103999578_8666084806774988589_n11 (1).mp4
2020-01-15 21:19 - 2020-01-15 21:19 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Real
2020-01-15 21:19 - 2020-01-15 21:19 - 000000000 ____D C:\Users\Admin\AppData\Local\Real
2020-01-15 21:19 - 2020-01-15 21:19 - 000000000 ____D C:\ProgramData\Real
2020-01-15 19:20 - 2020-01-15 19:20 - 025900032 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 022627840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 019849216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 018020352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 009928208 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-01-15 19:20 - 2020-01-15 19:20 - 008012800 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 007754752 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 007600448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 007016448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 006520480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 005913600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 003729408 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-01-15 19:20 - 2020-01-15 19:20 - 003703296 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 003263488 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 002870784 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 002801152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-01-15 19:20 - 2020-01-15 19:20 - 002716672 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-01-15 19:20 - 2020-01-15 19:20 - 002561536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 002494464 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 002473976 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 002305536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 001985928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 001835008 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 001697280 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 001664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 001655880 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 001610752 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 001399096 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-01-15 19:20 - 2020-01-15 19:20 - 001330952 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 001151816 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 001106944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 001098720 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 001072952 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-01-15 19:20 - 2020-01-15 19:20 - 001051664 _____ (Microsoft Corporation) C:\Windows\system32\pidgenx.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 001020032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000921600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000896512 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnostics.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000852480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000851456 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-01-15 19:20 - 2020-01-15 19:20 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000689664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000678712 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000673792 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000671232 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000670720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-01-15 19:20 - 2020-01-15 19:20 - 000646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000571392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaaut.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-01-15 19:20 - 2020-01-15 19:20 - 000542496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000432256 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2020-01-15 19:20 - 2020-01-15 19:20 - 000400696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2020-01-15 19:20 - 2020-01-15 19:20 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000379392 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000368128 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000363840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2020-01-15 19:20 - 2020-01-15 19:20 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\DiagnosticLogCSP.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2020-01-15 19:20 - 2020-01-15 19:20 - 000321536 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV1.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000271872 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2020-01-15 19:20 - 2020-01-15 19:20 - 000233472 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2020-01-15 19:20 - 2020-01-15 19:20 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\sti_ci.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000162696 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2020-01-15 19:20 - 2020-01-15 19:20 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\wiadss.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000127520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000127064 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000119808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiadss.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000102400 _____ (Microsoft Corporation) C:\Windows\system32\NFCProvisioningPlugin.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000097280 _____ (Microsoft Corporation) C:\Windows\system32\provdatastore.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\ProvPluginEng.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000089536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\BarcodeProvisioningPlugin.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\enterpriseresourcemanager.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\provtool.exe
2020-01-15 19:20 - 2020-01-15 19:20 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enterpriseresourcemanager.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\RemovableMediaProvisioningPlugin.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2020-01-15 19:20 - 2020-01-15 19:20 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000018432 _____ (Microsoft Corporation) C:\Windows\system32\wiatrace.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiatrace.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\DMAlertListener.ProxyStub.dll
2020-01-15 19:20 - 2020-01-15 19:20 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-15 19:14 - 2019-12-10 06:15 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-01-15 19:14 - 2019-12-10 05:59 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-01-15 17:59 - 2020-01-15 17:59 - 000000305 _____ C:\Users\Admin\Downloads\Část_připojené_zprávy
2020-01-13 21:59 - 2020-01-13 21:59 - 002981730 _____ C:\Users\Admin\Downloads\Na rozjezd dne,.ppsx
2020-01-10 17:33 - 2020-01-10 17:33 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2020-01-10 17:33 - 2020-01-10 17:33 - 000000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2020-01-09 18:03 - 2020-01-09 18:03 - 000000000 ____D C:\Windows\system32\Tasks\S-1-5-21-722231672-965411127-3486821242-1001
2020-01-09 17:28 - 2020-01-09 17:28 - 000002752 _____ C:\Users\Admin\Desktop\Microsoft Outlook 2010.lnk
2020-01-09 17:27 - 2020-01-09 17:27 - 000002752 _____ C:\Users\Admin\Desktop\Microsoft Word 2010.lnk
2020-01-09 17:27 - 2020-01-09 17:27 - 000002704 _____ C:\Users\Admin\Desktop\Microsoft PowerPoint 2010.lnk
2020-01-09 17:26 - 2020-01-09 17:26 - 000002714 _____ C:\Users\Admin\Desktop\Microsoft Excel 2010.lnk
2020-01-09 17:22 - 2020-01-09 17:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2020-01-09 17:22 - 2020-01-09 17:22 - 000000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2020-01-09 17:22 - 2020-01-09 17:22 - 000000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2020-01-09 17:22 - 2020-01-09 17:22 - 000000000 ____D C:\Program Files (x86)\Document Themes 14
2020-01-09 17:22 - 2020-01-09 17:22 - 000000000 ____D C:\Program Files (x86)\CLIPART
2020-01-09 17:21 - 2020-01-31 20:17 - 000000000 ____D C:\Program Files (x86)\Office14
2020-01-09 17:21 - 2020-01-09 17:35 - 000000000 ____D C:\Program Files (x86)\Stationery
2020-01-09 17:21 - 2020-01-09 17:30 - 000000000 ____D C:\Users\Admin\AppData\Local\Microsoft Help
2020-01-09 17:21 - 2020-01-09 17:21 - 000000000 ____D C:\Windows\system32\Tasks\OfficeSoftwareProtectionPlatform
2020-01-09 17:21 - 2020-01-09 17:21 - 000000000 ____D C:\Program Files\Microsoft Office
2020-01-09 17:21 - 2020-01-09 17:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2020-01-09 17:21 - 2020-01-09 17:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2020-01-09 17:21 - 2020-01-09 17:21 - 000000000 ____D C:\Program Files (x86)\MEDIA
2020-01-09 17:20 - 2020-01-09 17:20 - 000000000 __RHD C:\MSOCache
2020-01-07 22:19 - 2020-01-07 22:19 - 005573613 _____ C:\Users\Admin\Downloads\vzpominky_na_stare_casy.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-03 20:41 - 2019-11-27 01:03 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2020-02-03 20:05 - 2019-11-20 12:13 - 001693640 _____ C:\Windows\system32\PerfStringBackup.INI
2020-02-03 20:05 - 2019-03-19 12:55 - 000716944 _____ C:\Windows\system32\perfh005.dat
2020-02-03 20:05 - 2019-03-19 12:55 - 000145024 _____ C:\Windows\system32\perfc005.dat
2020-02-03 20:05 - 2019-03-19 05:50 - 000000000 ____D C:\Windows\INF
2020-02-03 20:03 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-03 20:01 - 2019-11-20 19:04 - 000807280 _____ C:\Windows\system32\wpbbin.exe
2020-02-03 20:01 - 2019-11-20 19:04 - 000768408 _____ C:\Windows\system32\AsusUpdateCheck.exe
2020-02-03 20:01 - 2019-11-20 19:04 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-02-03 20:01 - 2019-11-20 12:12 - 000000000 ____D C:\ProgramData\NVIDIA
2020-02-03 20:00 - 2019-03-19 05:37 - 000524288 _____ C:\Windows\system32\config\BBI
2020-02-03 19:25 - 2019-11-20 19:04 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-02-03 17:12 - 2019-11-27 01:56 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2020-02-03 10:43 - 2019-11-20 19:04 - 000739000 _____ C:\Windows\system32\FNTCACHE.DAT
2020-01-31 21:32 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\AppReadiness
2020-01-31 20:45 - 2019-11-26 20:17 - 000000000 ____D C:\ProgramData\Package Cache
2020-01-31 20:17 - 2019-11-27 00:21 - 000001173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 5.0.lnk
2020-01-31 19:58 - 2019-11-20 12:16 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages
2020-01-31 19:47 - 2019-11-26 21:49 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-01-31 19:47 - 2019-11-26 21:49 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-01-31 19:47 - 2019-11-26 21:49 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2020-01-31 19:28 - 2019-11-26 21:55 - 000000000 ____D C:\ProgramData\ABBYY
2020-01-31 16:59 - 2019-12-09 20:03 - 000000000 ____D C:\Users\Admin\AppData\Local\cache
2020-01-31 16:58 - 2019-03-19 05:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-01-31 11:29 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-31 11:27 - 2019-03-19 05:37 - 000000000 ____D C:\Windows\CbsTemp
2020-01-30 09:17 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\NDF
2020-01-27 23:09 - 2019-11-26 21:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-27 21:43 - 2019-11-26 20:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-01-27 10:39 - 2019-11-26 21:33 - 000003970 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1574800406
2020-01-27 10:39 - 2019-11-26 21:33 - 000001149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2020-01-27 10:39 - 2019-11-26 21:33 - 000000000 ____D C:\Program Files (x86)\Opera
2020-01-24 10:47 - 2019-11-26 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-01-23 18:17 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\FxsTmp
2020-01-21 08:42 - 2019-11-26 21:34 - 000001211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-19 17:23 - 2019-11-27 00:25 - 000057378 _____ C:\Windows\ATMREG.ATM
2020-01-18 20:55 - 2019-11-20 12:15 - 000000000 ____D C:\Users\Admin
2020-01-16 22:14 - 2019-11-26 21:30 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-16 22:14 - 2019-11-26 21:30 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-15 19:41 - 2019-11-20 12:18 - 000003376 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-722231672-965411127-3486821242-1001
2020-01-15 19:41 - 2019-11-20 12:18 - 000000000 ___RD C:\Users\Admin\OneDrive
2020-01-15 19:41 - 2019-11-20 12:15 - 000002361 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-15 19:39 - 2019-03-19 05:52 - 000000000 ___SD C:\Windows\system32\UNP
2020-01-15 19:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SystemResources
2020-01-15 19:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-01-15 19:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\bcastdvr
2020-01-15 19:24 - 2019-11-26 20:09 - 000000000 ____D C:\Windows\system32\MRT
2020-01-15 19:22 - 2019-11-26 20:09 - 120202352 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-01-12 22:12 - 2019-03-19 05:49 - 000000202 _____ C:\Windows\win.ini
2020-01-10 17:33 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-01-09 17:35 - 2019-11-27 00:12 - 000000000 ____D C:\Windows\SHELLNEW
2020-01-09 17:34 - 2019-11-26 21:30 - 000004194 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-01-09 17:22 - 2019-11-27 21:16 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2020-01-09 17:22 - 2019-11-27 21:06 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-01-09 17:22 - 2019-11-27 00:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by Admin (03-02-2020 21:39:36)
Running from D:\Aviry
Windows 10 Home Version 1909 18363.592 (X64) (2019-11-20 11:08:16)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Admin (S-1-5-21-722231672-965411127-3486821242-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-722231672-965411127-3486821242-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-722231672-965411127-3486821242-503 - Limited - Disabled)
Guest (S-1-5-21-722231672-965411127-3486821242-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-722231672-965411127-3486821242-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {8D637332-9C08-995E-98D7-8237936B0E9F}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe PageMaker 7.0 (HKLM-x32\...\Adobe PageMaker 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Avira (HKLM-x32\...\{59bab6b1-f615-42c3-9614-8dc338ac8ed4}) (Version: 1.2.143.109 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{82B6E5B0-3F76-446B-9FDE-0200B5B36B37}) (Version: 1.2.143.109 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2001.1707 - Avira Operations GmbH & Co. KG)
BAHN 3.81r1 (HKLM-x32\...\BAHN381r1_is1) (Version: 3.81 - JBSS Chemnitz/Dresden)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
calibre 64bit (HKLM\...\{C9FD7BFF-6054-449C-BCDB-C2A0B43516A7}) (Version: 4.5.0 - Kovid Goyal)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copy (HKLM-x32\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (HKLM-x32\...\{CFA33E6D-2D7D-4785-8025-974398E940D1}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 140.0.185.000 - Hewlett-Packard) Hidden
doPDF (HKLM\...\{2CBA4673-9199-49C7-831D-79C3206813BD}) (Version: 10.6.122 - Softland) Hidden
doPDF 10 (HKLM-x32\...\{352315dd-a81c-4612-a5d8-508e51fe30ab}) (Version: 10.6.122 - Softland)
doPDF 10 add-in for Microsoft Office (x64) (HKLM\...\{064F8223-4848-4562-B77E-997C3E74E749}) (Version: 10.6.122 - Softland)
doPDF 10 add-in for Microsoft Office (x86) (HKLM-x32\...\{705BC7F6-DE19-4764-A8C2-0162DC824AB9}) (Version: 10.6.122 - Softland)
doPDF 10 Printer Driver (HKLM\...\{1A09B3A6-2622-480B-820B-6E6A3B9BB9CB}) (Version: 10.6.122 - Softland)
Elements 10 Organizer (HKLM-x32\...\{22D3A614-482C-444A-932C-9DA1B8ECDFD2}) (Version: 10.0 - Název společnosti:) Hidden
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
F4200 (HKLM-x32\...\{C86E1E36-6D30-4834-9C85-5501F31F7BB4}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{8C925017-72A8-4C4A-AF21-84901E26638F}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Check Point SBA (HKLM\...\{C8325D51-E514-475B-AFF2-550C3527E563}) (Version: 86.5.9511 - Check Point Software Technologies Ltd.) Hidden
K-Lite Mega Codec Pack 15.2.6 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.2.6 - KLCP)
LibreOffice 6.3.3.2 (HKLM\...\{4DACF7A7-C851-4943-A63D-3CAE495C48E0}) (Version: 6.3.3.2 - The Document Foundation)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - Czech/èeština (HKLM-x32\...\Office14.OMUI.cs-cz) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 72.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.2 (x64 cs)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 70.0.1 - Mozilla)
NVIDIA Ovladač HD audia 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 432.00 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Opera Stable 66.0.3515.44 (HKLM-x32\...\Opera 66.0.3515.44) (Version: 66.0.3515.44 - Opera Software)
Ovládací panel NVIDIA 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 432.00 - NVIDIA Corporation) Hidden
PDF Architect 7 (HKLM-x32\...\PDF Architect 7) (Version: 7.1.13.1755 - pdfforge GmbH)
PDF Architect 7 Create Module (HKLM\...\{B600CC13-8F68-4D44-8867-93490894FAE5}) (Version: 7.1.14.4969 - pdfforge GmbH) Hidden
PDF Architect 7 Edit Module (HKLM\...\{BA2C2671-B379-4101-A21C-4C549671FC8D}) (Version: 7.1.14.4969 - pdfforge GmbH) Hidden
PDF Architect 7 View Module (HKLM\...\{E947A304-6110-4CFE-98AD-E6909072E87D}) (Version: 7.1.14.4969 - pdfforge GmbH) Hidden
PDF24 Creator 9.0.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PSE10 STI Installer (HKLM-x32\...\{11D08055-939C-432b-98C3-E072478A0CD7}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
rajče průvodce verze 1.59.45.260 (HKLM-x32\...\rajče.net_is1) (Version: - rajče.net)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{1FCBAAF2-0321-4986-8DAE-5F2891EC6E8E}) (Version: - Microsoft)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype verze 8.55 (HKLM-x32\...\Skype_is1) (Version: 8.55 - Skype Technologies S.A.)
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
VSO Inspector 2.0.2 (HKLM-x32\...\VSO Inspector_is1) (Version: - VSO-Software SARL)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
ZoneAlarm Anti-Ransomware (HKLM-x32\...\{0B8C3231-9818-4CB9-8213-4AB839836791}) (Version: 1.002.1006 - Check Point Software) Hidden
ZoneAlarm Firewall (HKLM-x32\...\{18FE6943-D33D-42F5-99D5-0ED22F633E32}) (Version: 15.6.121.18102 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 15.6.121.18102 - Check Point)
ZoneAlarm Security (HKLM-x32\...\{881E7A8C-9C4B-4D14-B390-EAFBA278CF45}) (Version: 15.6.121.18102 - Check Point Software Technologies Ltd.) Hidden
Zoner Photo Studio 8 (HKLM-x32\...\Zoner Photo Studio 8_is1) (Version: - ZONER software)

Packages:
=========
ASUS Grid (Beta) -> C:\Program Files\WindowsApps\B9ECED6F.133F79A42C6_1.0.14.0_x64__qmba6cd70vzyy [2019-11-20] (ASUSTeK COMPUTER INC.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.4.7.0_x86__kgqvnymyfvs32 [2020-01-12] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.29.4.0_x86__kgqvnymyfvs32 [2020-01-26] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-25] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-11-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-11-26] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_3.9.12130.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Studios) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-13] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0 [2020-01-31] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-722231672-965411127-3486821242-1001_Classes\CLSID\{B0EEFB45-D1D5-6100-7B21-7585C295AC69}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Office14\GROOVEEX.DLL [4222864 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [PDFArchitect7_ManagerExt] -> {21989F59-B260-4302-90C3-E51740E03639} => C:\Program Files\PDF Architect 7\context-menu.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Archivace\WinRAR\rarext64.dll [2008-06-20] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Archivace\WinRAR\rarext.dll [2008-08-29] () [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Aviry\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => D:\Aviry\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Archivace\WinRAR\rarext64.dll [2008-06-20] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Archivace\WinRAR\rarext.dll [2008-08-29] () [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Aviry\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => D:\Aviry\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Archivace\WinRAR\rarext64.dll [2008-06-20] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Archivace\WinRAR\rarext.dll [2008-08-29] () [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\system32\huffyuv.dll [55296 2005-01-22] () [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\SysWOW64\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [473088 2015-02-25] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-11-27 00:19 - 2001-06-18 02:59 - 000094208 _____ ( Adobe Systems Incorporated) [File not signed] D:\Programy\Adobe\PageMaker 7.0\EpsImport.dll
2019-11-27 00:19 - 2001-06-18 02:28 - 000073728 _____ ( Adobe Systems Incorporated) [File not signed] D:\Programy\Adobe\PageMaker 7.0\InitBravo.dll
2019-11-27 00:19 - 2001-06-18 03:28 - 000073728 _____ ( Adobe Systems Incorporated) [File not signed] D:\Programy\Adobe\PageMaker 7.0\InitPM7Bravo.dll
2019-11-04 15:09 - 2019-11-04 15:09 - 000059392 _____ () [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\SA\dict-vectorizer.dll
2019-11-27 00:19 - 2001-06-18 02:26 - 000086016 _____ () [File not signed] D:\Programy\Adobe\PageMaker 7.0\Aoln.dll
2019-11-27 00:19 - 2001-06-18 02:18 - 000064512 _____ () [File not signed] D:\Programy\Adobe\PageMaker 7.0\MAIPM6.dll
2019-11-27 00:19 - 2001-06-18 02:19 - 003444736 _____ () [File not signed] D:\Programy\Adobe\PageMaker 7.0\MPS.dll
2019-11-27 00:19 - 2001-06-18 02:19 - 000167936 _____ () [File not signed] D:\Programy\Adobe\PageMaker 7.0\RSRC\Linguist\Prx\PRXLNG1.DLL
2019-11-27 00:19 - 2001-06-18 02:19 - 000011776 _____ () [File not signed] D:\Programy\Adobe\PageMaker 7.0\RSRC\Linguist\Prx\USENGLSH\Prxlng1.RSL
2019-11-27 00:19 - 2001-06-18 02:35 - 000663552 _____ () [File not signed] D:\Programy\Adobe\PageMaker 7.0\Vamp.dll
2019-11-27 00:19 - 2001-06-18 02:37 - 000147456 _____ (Adobe Systems Incorporated) [File not signed] D:\Programy\Adobe\PageMaker 7.0\ALDCL6.dll
2019-11-27 00:19 - 2001-06-18 02:30 - 000081920 _____ (Adobe Systems Incorporated) [File not signed] D:\Programy\Adobe\PageMaker 7.0\ALDFS32.dll
2019-11-27 00:19 - 2001-06-18 02:43 - 000421888 _____ (Adobe Systems Incorporated) [File not signed] D:\Programy\Adobe\PageMaker 7.0\aldim4.dll
2019-11-27 00:19 - 2001-06-18 02:30 - 000077824 _____ (Adobe Systems Incorporated) [File not signed] D:\Programy\Adobe\PageMaker 7.0\ALDVM32.dll
2019-11-27 00:19 - 2001-06-18 02:39 - 000278528 _____ (Adobe Systems Incorporated) [File not signed] D:\Programy\Adobe\PageMaker 7.0\GEng32.dll
2019-11-27 00:19 - 2001-06-18 02:19 - 000069632 _____ (Adobe Systems Incorporated) [File not signed] D:\Programy\Adobe\PageMaker 7.0\PM7OPP.dll
2019-11-27 00:19 - 2001-06-18 03:48 - 000323584 _____ (Adobe Systems Incorporated) [File not signed] D:\Programy\Adobe\PageMaker 7.0\PMExt.dll
2019-11-27 00:19 - 2001-06-18 03:44 - 000184320 _____ (Adobe Systems Incorporated) [File not signed] D:\Programy\Adobe\PageMaker 7.0\RBENG.dll
2019-11-27 00:19 - 2001-06-18 03:45 - 000102400 _____ (Adobe Systems Incorporated) [File not signed] D:\Programy\Adobe\PageMaker 7.0\RSRC\SwitchB\DFLTCMSG\DFLTCMSG.SWB
2019-11-27 00:19 - 2001-06-18 02:30 - 000020480 _____ (Adobe Systems Incorporated) [File not signed] D:\Programy\Adobe\PageMaker 7.0\RSRC\USENGLSH\ALDFSR32.RSL
2019-11-27 00:19 - 2001-06-18 02:43 - 000020480 _____ (Adobe Systems Incorporated) [File not signed] D:\Programy\Adobe\PageMaker 7.0\RSRC\USENGLSH\ALDIM4RS.RSL
2019-11-27 00:19 - 2001-06-18 03:43 - 000045056 _____ (Adobe Systems Incorporated) [File not signed] D:\Programy\Adobe\PageMaker 7.0\RSRC\USENGLSH\ALDRBRES.RSL
2019-11-27 00:19 - 2001-06-18 03:45 - 000032768 _____ (Adobe Systems Incorporated) [File not signed] D:\Programy\Adobe\PageMaker 7.0\RSRC\USENGLSH\DFLTRES.RSL
2019-11-27 00:19 - 2001-06-18 03:43 - 000020480 _____ (Adobe Systems Incorporated) [File not signed] D:\Programy\Adobe\PageMaker 7.0\RSRC\USENGLSH\inlng1.rsl
2019-11-27 00:19 - 2001-06-19 22:50 - 000978944 _____ (Adobe Systems Incorporated) [File not signed] D:\Programy\Adobe\PageMaker 7.0\RSRC\USENGLSH\PM70.RSL
2019-11-27 00:19 - 2001-06-18 02:18 - 000017920 _____ (Adobe Systems Incorporated.) [File not signed] D:\Programy\Adobe\PageMaker 7.0\MF.dll
2019-11-27 00:19 - 2001-06-18 02:18 - 000446464 _____ (Adobe Systems, Incorporated) [File not signed] D:\Programy\Adobe\PageMaker 7.0\ACE.dll
2019-11-27 00:19 - 2001-06-18 02:18 - 001859584 _____ (Adobe Systems, Incorporated) [File not signed] D:\Programy\Adobe\PageMaker 7.0\AGM.dll
2019-11-27 00:19 - 2001-06-18 02:18 - 000147456 _____ (Adobe Systems, Incorporated) [File not signed] D:\Programy\Adobe\PageMaker 7.0\BIB.dll
2019-11-27 00:19 - 2001-06-18 02:18 - 001441792 _____ (Adobe Systems, Incorporated) [File not signed] D:\Programy\Adobe\PageMaker 7.0\CoolType.dll
2019-11-27 00:19 - 2001-06-18 02:19 - 000434176 _____ (Adobe Systems, Incorporated) [File not signed] D:\Programy\Adobe\PageMaker 7.0\PM7ACE.dll
2019-11-27 00:19 - 2001-06-18 02:19 - 001781760 _____ (Adobe Systems, Incorporated) [File not signed] D:\Programy\Adobe\PageMaker 7.0\PM7AGM.dll
2019-11-27 00:19 - 2001-06-18 02:19 - 000188529 _____ (Adobe Systems, Incorporated) [File not signed] D:\Programy\Adobe\PageMaker 7.0\PM7BIB.dll
2019-11-27 00:19 - 2001-06-18 02:19 - 001347584 _____ (Adobe Systems, Incorporated) [File not signed] D:\Programy\Adobe\PageMaker 7.0\PM7CoolType.dll
2009-11-17 22:58 - 2009-11-17 22:58 - 000342656 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
2009-11-17 22:58 - 2009-11-17 22:58 - 000559232 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
2012-05-27 16:44 - 2012-05-27 16:44 - 000032256 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
2011-04-29 11:34 - 2011-04-29 11:34 - 000934400 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc
2011-04-29 11:34 - 2011-04-29 11:34 - 000012288 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc
2011-04-29 19:08 - 2011-04-29 19:08 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2010-08-06 11:15 - 2010-08-06 11:15 - 000054784 _____ (Hewlett-Packard) [File not signed] C:\Windows\SYSTEM32\hpzipr12.dll
2019-11-27 11:15 - 2019-11-27 11:15 - 000398336 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider32.dll
2019-11-27 11:18 - 2019-11-27 11:18 - 000513536 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll
2019-11-27 11:15 - 2019-11-27 11:15 - 000055296 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphnt32.dll
2019-11-27 11:18 - 2019-11-27 11:18 - 000067072 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphnt64.dll
2019-11-27 11:15 - 2019-11-27 11:15 - 000020480 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphusr32.dll
2019-11-27 11:18 - 2019-11-27 11:18 - 000019968 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphusr64.dll
2019-07-25 10:52 - 2019-07-25 10:52 - 000986112 _____ (Microsoft Corporation) [File not signed] D:\Aviry\CheckPoint\ZoneAlarm\dbghelp.dll
2019-11-10 11:38 - 2019-11-10 11:38 - 001124352 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\SQLite\System.Data.SQLite.dll
2020-01-22 11:06 - 2020-01-22 11:06 - 000018944 _____ (Softland) [File not signed] C:\Windows\System32\novamn10.dll
2018-12-10 10:29 - 2018-12-10 10:29 - 000438272 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\PDF Architect 7\libcurl.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2020-02-03 20:01 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-722231672-965411127-3486821242-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\Pictures\Saved Pictures\M104 - Sombrero.bmp
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3F60A5E6-326B-4D15-A51D-52B43BF1ABC4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D53AC4E9-924B-48B4-A6E6-95AF36DAFFDE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B089ECCD-20EB-4D16-B8AF-1D4489D9D0B8}] => (Allow) D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{1C57980D-0A0C-43A0-986F-014867AF8077}] => (Allow) D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{927F259B-AC23-45ED-BD19-6C0580DD3502}] => (Allow) D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{C1710658-90E6-4741-B02E-F5D096497718}] => (Allow) D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{13FD4DA9-5757-49F9-987F-7641F63CD5D5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{09D0FD54-F9E5-4E9B-B5EC-8C5985AB222F}] => (Allow) LPort=2869
FirewallRules: [{63FD2332-F2D6-45A0-8793-C7410883EF3D}] => (Allow) LPort=1900
FirewallRules: [{9613ED42-B080-4100-B926-181EECF996C8}] => (Allow) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{B1066463-F801-44E9-A76F-8650057FE7B9}] => (Allow) C:\Program Files (x86)\Office14\GROOVE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ABCAB01E-49FE-4C83-A2C7-843DE4194198}] => (Allow) C:\Program Files (x86)\Office14\GROOVE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{87F08FF4-AAB0-4911-9194-EB67A27D0ED3}] => (Allow) C:\Program Files (x86)\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D33BCFB3-EA54-4BD5-954B-45F544174DFE}] => (Allow) C:\Program Files (x86)\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CD11C171-19E0-4EFD-9913-9F563B0EE8AF}] => (Allow) C:\Program Files (x86)\Office14\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{98E8879A-38BA-483B-89F0-5514BB3FAC00}] => (Allow) C:\Program Files (x86)\Office14\GROOVE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EE403C6C-2ED9-4B10-85D1-BDBF155012D1}] => (Allow) C:\Program Files (x86)\Office14\GROOVE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F734B721-4232-451F-A5E9-157E6393D7F1}] => (Allow) C:\Program Files (x86)\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BB112F68-6520-4872-B8B2-0B0CACB9CA23}] => (Allow) C:\Program Files (x86)\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E57676E-0170-42AF-A121-C142686822E4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{2514E751-3685-4B49-8DD3-37616BE45B6A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6AB2BF7E-3896-4B1B-A2BE-D7D37BF0FB21}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FD1B87C3-9AF6-4F8F-8F22-1EBBA34B1E98}] => (Allow) C:\Program Files (x86)\Opera\66.0.3515.44\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{200D12C5-6D10-48F2-8B09-BD7BF4C096B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5F2CB13D-9C1E-46F0-A011-2BBE83644B87}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{06D51213-8937-440D-BD37-5D2DD41F5315}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{809B4C5C-8C64-40AF-8950-58FEC7A1C568}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{04B82AB2-7311-4DFD-97BC-25BB38395148}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{650CCD15-C19B-4AE3-BFD4-71A26EEB4E92}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5CE7F475-C8FD-4A67-AD86-00553CAFF74C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B228C24B-EE1C-45C5-AEA6-71176ADE74DF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D9603B5C-325E-4237-BC4E-91DCA55B90A1}] => (Allow) LPort=8501
FirewallRules: [{7059C7E5-30C1-4084-A8C6-CA7C0AB13286}] => (Allow) LPort=8501

==================== Restore Points =========================

12-01-2020 22:12:21 Windows Update
24-01-2020 17:12:37 Naplánovaný kontrolní bod
27-01-2020 22:44:41 Removed ABBYY PDF Transformer+.
31-01-2020 11:26:47 Windows Update
03-02-2020 19:59:52 Restore Point Created by FRST

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (02/03/2020 08:41:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Pm70.exe, verze: 0.7.0.0, časové razítko: 0x3b2d4092
Název chybujícího modulu: ntdll.dll, verze: 10.0.18362.387, časové razítko: 0xa4208572
Kód výjimky: 0xc0000374
Posun chyby: 0x000df94d
ID chybujícího procesu: 0x1118
Čas spuštění chybující aplikace: 0x01d5dac55130f102
Cesta k chybující aplikaci: D:\Programy\Adobe\PageMaker 7.0\Pm70.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 9237729c-0638-48de-bd30-d90d21ba7530
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/03/2020 08:30:08 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 24104; požadovaná velikost: 26968.

Error: (02/03/2020 07:59:52 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.

Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {03f70a29-1a15-4272-8d1b-beb0e2d1ad68}

Error: (02/03/2020 10:40:01 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program wmplayer.exe verze 12.0.18362.449 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1d40

Čas spuštění: 01d5da75b3c6b0d5

Čas ukončení: 9

Cesta k aplikaci: C:\Program Files (x86)\Windows Media Player\wmplayer.exe

ID hlášení: 3b149608-d953-470d-b77f-4ac8bafcd323

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (02/02/2020 10:13:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Pm70.exe, verze: 0.7.0.0, časové razítko: 0x3b2d4092
Název chybujícího modulu: ntdll.dll, verze: 10.0.18362.387, časové razítko: 0xa4208572
Kód výjimky: 0xc0000374
Posun chyby: 0x000df94d
ID chybujícího procesu: 0x23b8
Čas spuštění chybující aplikace: 0x01d5da0bfa67420f
Cesta k chybující aplikaci: D:\Programy\Adobe\PageMaker 7.0\Pm70.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 34b549d3-3071-483d-b828-0bdd4c7f0c13
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/02/2020 09:43:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Pm70.exe, verze: 0.7.0.0, časové razítko: 0x3b2d4092
Název chybujícího modulu: ntdll.dll, verze: 10.0.18362.387, časové razítko: 0xa4208572
Kód výjimky: 0xc0000374
Posun chyby: 0x000df94d
ID chybujícího procesu: 0x560
Čas spuštění chybující aplikace: 0x01d5da05c8a49dd7
Cesta k chybující aplikaci: D:\Programy\Adobe\PageMaker 7.0\Pm70.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 25b68ed0-6095-4daf-87c9-b432d877e6a3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/02/2020 08:41:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Pm70.exe, verze: 0.7.0.0, časové razítko: 0x3b2d4092
Název chybujícího modulu: ntdll.dll, verze: 10.0.18362.387, časové razítko: 0xa4208572
Kód výjimky: 0xc0000374
Posun chyby: 0x000df94d
ID chybujícího procesu: 0x2124
Čas spuštění chybující aplikace: 0x01d5d9fe39845161
Cesta k chybující aplikaci: D:\Programy\Adobe\PageMaker 7.0\Pm70.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 93bf8ff6-ac9d-4b2d-a4b8-d6ec8c414d86
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/02/2020 08:10:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Pm70.exe, verze: 0.7.0.0, časové razítko: 0x3b2d4092
Název chybujícího modulu: ntdll.dll, verze: 10.0.18362.387, časové razítko: 0xa4208572
Kód výjimky: 0xc0000374
Posun chyby: 0x000df94d
ID chybujícího procesu: 0x43c
Čas spuštění chybující aplikace: 0x01d5d9fc2eeb65fd
Cesta k chybující aplikaci: D:\Programy\Adobe\PageMaker 7.0\Pm70.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 64b73e8c-a110-4b09-8bae-bb8dc9586058
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

System errors:
=============
Error: (02/03/2020 08:05:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby CPEFR bylo dosaženo časového limitu (60000 ms).

Error: (02/03/2020 08:00:54 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Check Point Endpoint EFR se po přijetí pokynu pro vypnutí neukončila správně.

Error: (02/03/2020 07:59:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Office Software Protection Platform byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/03/2020 07:59:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Active File Monitor V10 byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/03/2020 07:59:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (02/03/2020 07:59:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PDF Architect 7 byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/03/2020 07:59:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba hpqcxs08 byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/03/2020 07:59:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avira Service Host byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Windows Defender:
===================================
Date: 2019-11-26 20:03:39.567
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.285.74.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15600.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2019-11-26 20:03:39.567
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.285.74.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15600.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2019-11-26 20:03:39.567
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.285.74.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15600.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2019-11-26 20:03:39.558
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.285.74.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15600.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2019-11-26 20:03:39.558
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.285.74.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15600.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===================================

Date: 2020-02-03 21:21:34.431
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll that did not meet the Windows signing level requirements.

Date: 2020-02-03 21:21:34.420
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Aviry\Avira\Antivirus\avirasecuritycenteragent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider32.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-02-03 21:21:34.417
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Aviry\Avira\Antivirus\avirasecuritycenteragent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider32.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-02-03 21:21:34.415
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Aviry\Avira\Antivirus\avirasecuritycenteragent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider32.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-02-03 21:21:34.410
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Aviry\Avira\Antivirus\avirasecuritycenteragent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider32.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-02-03 21:11:34.392
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll that did not meet the Windows signing level requirements.

Date: 2020-02-03 21:11:34.381
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Aviry\Avira\Antivirus\avirasecuritycenteragent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider32.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-02-03 21:11:34.375
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Aviry\Avira\Antivirus\avirasecuritycenteragent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider32.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2901 10/16/2019
Motherboard: ASUSTeK COMPUTER INC. ROG STRIX B450-F GAMING
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 34%
Total physical RAM: 8124.13 MB
Available physical RAM: 5282.81 MB
Total Virtual: 9404.13 MB
Available Virtual: 5890.98 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.84 GB) (Free:182.83 GB) NTFS
Drive d: (Místní disk) (Fixed) (Total:931.5 GB) (Free:659.27 GB) NTFS

\\?\Volume{d6458fe6-83f6-4935-9c1d-28a7f72e381b}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{b5a6f67e-0283-4ca7-8508-df1d94760cbf}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 39AE08EB)

Partition: GPT.

==================== End of Addition.txt =======================

#38 Příspěvek od **Conder** » 04 úno 2020 18:17

Spusti kontrolu integrity systemovych suborov:

Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca

Skopiruj a spusti prikaz:

Kód: Vybrat vše

DISM.exe /Online /Cleanup-image /Restorehealth

Po dokonceni skopiruj a spusti druhy prikaz:
Kód: Vybrat vše
```
sfc /scannow
```

Po dokonceni obidvoch prikazov skopiruj a spusti tento prikaz:

Kód: Vybrat vše

findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" && copy %windir%\logs\dism\dism.log %userprofile%\desktop\dism.txt

Na ploche sa vytvoria subory sfcdetails.txt a dism.txt, tieto subory zabal ho do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
Restartuj PC a napis ako sa chova PC

Antusek · #39 Příspěvek od **Antusek** » 04 úno 2020 19:22

Provedeno. Akorát při vložení druhého příkazu to řvalo, že musím nejprve restartovat PC. Tak jsem to udělal a pak jsem provedl příkaz 2 a 3.
Dík za další rady.

#40 Příspěvek od **Conder** » 04 úno 2020 19:53

OK. Ako to vyzera s PC? Nastala nejaka zmena alebo su este nejake problemy?

Antusek · #41 Příspěvek od **Antusek** » 04 úno 2020 20:04

Problém, který se od včera vyskytl je s Windows Media Playerem ve Windows10. Nechce přehrávat videa mp.4 aj. Jak v PC tak v e-mailu (Firefox, Chrome). Na netu jsem kdysi četl někde, že Microsoft vydal nový přehrávač a chce nás přimět používat ten a znepříjemňuje nám tím Windows Media Player. Odebral jsem jej a přidal a stejný problém, Dal jsem tam dočasně Filmy a Videa (přehrávač). U Firefoxu zmizely okna nejčastěji navštívených. Ty jsem tam dal zpět, ale nemohu najít naposledy navštívené a ještě bych potřeboval jak se ve Firefoxu uloží zvětšení (např. 150). Tatínek senior potřebuje větší písmo. Umím zvětšit, ale nepamatuje si to.
Jinak zatím o.k.

Potřebuji něco většího poslat přes úschovnu (fotky a video) můžu? Je to už od havěti o.k.? Výše popsané bude asi jiná příčina.
Díky za info a další rady.

#42 Příspěvek od **Conder** » 04 úno 2020 23:03

Ano, logy uz vyzeraju OK.

Na prehravanie videi a inych mutlimedialnych suborov odporucam pouzit napr. VLC media player.

Na zmenu zoomu pre vsetky stranky vo Firefoxe bude potrebne pouzit nejaky doplnok, napr. https://addons.mozilla.org/sk/firefox/addon/fixed-zoom/
Alebo je mozne zvacsit text v celom prostredi Windows.
Co sa tyka tych najcastejsie navstivenych stranok, neviem co konkrente myslis.

Antusek · #43 Příspěvek od **Antusek** » 05 úno 2020 19:07

Díky za vše.
Co se týká naposledy navštívených stránek myslím to, že dříve na hlavní stránce Firefoxu byly dva typy oken. První okno naposledy navštívené (dva řádky) a pak další okno nejčastěji navštívené (možno nastavit řádky oken od 1 do 4).
Přehrávač vyzkouším. Říká se, že je dobrý. A doplněk Firefoxu také vyzkouším. Pak podám info.
Dokument přes úschovnu již odešlu.

#44 Příspěvek od **Conder** » 05 úno 2020 22:11

Skus v nastaveniach Firefoxu v sekcii "Domov" (cesky preklad by mal byt "Domovska stranka") v casti "Obsah domovskej stranky Firefoxu" povolit moznost "Top stranky". Tato moznost by mala zapnut zobrazovanie najcastejsie navstevovanych stranok na domovskej karte Firefoxu.

Obrazok nastaveni: https://www.mozilla.cz/zpravicky/nove-n ... e-stranky/

Antusek · #45 Příspěvek od **Antusek** » 07 úno 2020 00:21

Dík. To tam mám a zobrazuje se. Ale dříve se zobrazovaly také naposledy navštívené. To teď firefox nenabízí. Jen v historii to najdu. proto jsem psal, že byly dva tipy oken.
Nový přehrávač funguje.

Ještě bych se zeptal jestli nevíte o nějakém dobrém volném (free) programu na převod do souboru PDF, který by si rozuměl s písmem Times New Romain CE. Používám DTP Program Adobe Pakemaker 7. 0 pro tvorbu sokolského zpravodaje/časopisu naší sokolské župy (program už se nevyvíjí, Adobe preferuje In Design) a potřebuji převádět soubor PM65 či PMD do PDF. Používal jsem PDF Creator, ale pokud jsme dříve používaly Postcriptová písma z Pagemakeru (Tyfa Text CE) bylo to o.k. Teď používáme Times New Romain CE a po převodu mám místo některých háčků kolečko. Byl mi bratrem sokolíkem, co dřív sázel časopis a teď to dělám já doporučen program Abby PDF Transformer, který používá. Ten je sice o.k, ale verzi, co jsem našel na netu je jen zkušební verze placeného programu. Takže šlo převést jen několikrát a když odinstaluji a nahraji znova jsou po převodu na první straně dvě žluté kolečka, abych si koupil plnou verzi. Teď jsem našel program doPDF, ale to je také jen zkušební verze na měsíc či 50 převodů. Ve Windows 10 je tiskárna Microsoft Print to PDF, která také převede o.k., ale sníží kvalitu obrázků (nevíte jak nastavit, aby převod byl ve vysoké kvalitě?). Pak by šla použít natrvalo. U textu to není znát, ale u obrázků ano. Či existuje nějaká free verze těchto programů či jiného. Musí si rozumět s písmem Times New Romain CE.

Díky za radu - nutně potřebuji a děkuji za vyčištění PC, které jsem dle vašich rad udělal.

VIRY.CZ

Prosím o kontrolu logu problém při prohlížení netu

Re: Prosím o kontrolu logu problém při prohlížení netu

Re: Prosím o kontrolu logu problém při prohlížení netu

Re: Prosím o kontrolu logu problém při prohlížení netu

Re: Prosím o kontrolu logu problém při prohlížení netu

Re: Prosím o kontrolu logu problém při prohlížení netu

Re: Prosím o kontrolu logu problém při prohlížení netu

Re: Prosím o kontrolu logu problém při prohlížení netu

Re: Prosím o kontrolu logu problém při prohlížení netu

Re: Prosím o kontrolu logu problém při prohlížení netu

Re: Prosím o kontrolu logu problém při prohlížení netu

Re: Prosím o kontrolu logu problém při prohlížení netu

Re: Prosím o kontrolu logu problém při prohlížení netu

Re: Prosím o kontrolu logu problém při prohlížení netu

Re: Prosím o kontrolu logu problém při prohlížení netu

Re: Prosím o kontrolu logu problém při prohlížení netu