Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Windows Live mail neodeslal emaily - mnoho odesl. spamů za h

Návody, recenze, diskuze, řešení problémů

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Zpráva
Autor
Antusek
Návštěvník
Návštěvník
Příspěvky: 400
Registrován: 17 úno 2007 20:54

Re: Windows Live mail neodeslal emaily - mnoho odesl. spamů

#16 Příspěvek od Antusek »

Posílám výsledky. vypadá to, že je to o.k.
díky za případný další postup.

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 13.10.19
Čas skenování: 17:43
Logovací soubor: 31417280-edd0-11e9-bd19-00ff6bf2109c.json

-Informace o softwaru-
Verze: 3.8.3.2965
Verze komponentů: 1.0.629
Aktualizovat verzi balíku komponent: 1.0.12871
Licence: Bezplatný

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x86
Systém souborů: NTFS
Uživatel: System

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Plánovač
Výsledek: Dokončeno
Skenované objekty: 177459
Zjištěné hrozby: 0
Hrozby umístěné do karantény: 0
Uplynulý čas: 12 min, 23 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

:)

Conder
Moderátor
Moderátor
Příspěvky: 4059
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Windows Live mail neodeslal emaily - mnoho odesl. spamů

#17 Příspěvek od Conder »

Toto je ale iba Sken hrozieb (Threat Scan). Je potrebne vybrat moznost Vlastni skenovani, kliknut na Nastavit sken, vpravo oznacit disk C: a vlavo oznacit moznost Vyhladavani na rootkity a kliknut na Spustit skenovani.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Antusek
Návštěvník
Návštěvník
Příspěvky: 400
Registrován: 17 úno 2007 20:54

Re: Windows Live mail neodeslal emaily - mnoho odesl. spamů

#18 Příspěvek od Antusek »

To jsem udělal a provedlo to tento sken, ale je pravda, že to začalo skenovat samo nestačil jsem kliknout na skenovat.
Díky za další rady.

Conder
Moderátor
Moderátor
Příspěvky: 4059
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Windows Live mail neodeslal emaily - mnoho odesl. spamů

#19 Příspěvek od Conder »

Skus teda ten sken v nudzovom rezime urobit este raz ako som pisal, teda v Malwarebytes vlavo kliknut na Sken, nasledne vybrat prostrednu moznost Vlastni skenovani, kliknut na tlacitko Nastavit sken, vpravo oznacit disk C: a vlavo oznacit moznost Vyhladavani na rootkity a kliknut na Spustit skenovani.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Antusek
Návštěvník
Návštěvník
Příspěvky: 400
Registrován: 17 úno 2007 20:54

Re: Windows Live mail neodeslal emaily - mnoho odesl. spamů

#20 Příspěvek od Antusek »

Zítra provedu. :)

Conder
Moderátor
Moderátor
Příspěvky: 4059
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Windows Live mail neodeslal emaily - mnoho odesl. spamů

#21 Příspěvek od Conder »

OK :)
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Antusek
Návštěvník
Návštěvník
Příspěvky: 400
Registrován: 17 úno 2007 20:54

Re: Windows Live mail neodeslal emaily - mnoho odesl. spamů

#22 Příspěvek od Antusek »

Posílám sken. Hlásí že je to o.k. Tak snad už by tam nic být nemělo.
:)

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 15.10.19
Čas skenování: 19:55
Logovací soubor: fe4cf560-ef74-11e9-b201-00ff6bf2109c.json

-Informace o softwaru-
Verze: 3.8.3.2965
Verze komponentů: 1.0.629
Aktualizovat verzi balíku komponent: 1.0.12871
Licence: Bezplatný

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x86
Systém souborů: NTFS
Uživatel: kuku-PC\kuku

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 221549
Zjištěné hrozby: 0
Hrozby umístěné do karantény: 0
Uplynulý čas: 1 hod, 57 min, 19 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Conder
Moderátor
Moderátor
Příspěvky: 4059
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Windows Live mail neodeslal emaily - mnoho odesl. spamů

#23 Příspěvek od Conder »

:arrow: Super. Nasledujuce kroky uz mozes urobit v normalnom rezime.

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Antusek
Návštěvník
Návštěvník
Příspěvky: 400
Registrován: 17 úno 2007 20:54

Re: Windows Live mail neodeslal emaily - mnoho odesl. spamů

#24 Příspěvek od Antusek »

Díky za info. V pátek odpoledne provedu.
:)

Conder
Moderátor
Moderátor
Příspěvky: 4059
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Windows Live mail neodeslal emaily - mnoho odesl. spamů

#25 Příspěvek od Conder »

OK :)
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Antusek
Návštěvník
Návštěvník
Příspěvky: 400
Registrován: 17 úno 2007 20:54

Re: Windows Live mail neodeslal emaily - mnoho odesl. spamů

#26 Příspěvek od Antusek »

Posílám log. Odstranilo to jednoho zástupce na odkaz na e-mail. Odkaz bych tam chtěl mít pro tatínka na ploše. PC ale dnes zase pracuje na plno a je trochu zpomalený. Např. po probuzení ze spánku chvíli trvá než začne reagovat a chvíli se točí i kolečko a net chvíli trvá než se načtou stránky. Nemůže to dělat firewall Zone Alarm, který jsem tam dal na vaší radu a Avira hlásí, že není zapnut Windows Defender. Nebo je spuštěn nějaký proces. I taťínek dnes říkal, že je to pomalé a některé stránky se nenačtou celé. Díky za další rady.

# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-05-2019
# Database: 2019-10-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-18-2019
# Duration: 00:00:13
# OS: Windows 7 Home Premium
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\Users\kuku\Desktop\Mail.Ru.url

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1381 octets] - [09/06/2019 21:30:23]
AdwCleaner[C00].txt - [1527 octets] - [09/06/2019 21:30:59]
AdwCleaner_Debug.log - [35163 octets] - [10/10/2019 21:40:34]
AdwCleaner[S01].txt - [1557 octets] - [10/10/2019 21:41:03]
AdwCleaner[S02].txt - [1618 octets] - [10/10/2019 21:42:28]
AdwCleaner[C02].txt - [1787 octets] - [10/10/2019 21:42:49]
AdwCleaner[S03].txt - [1741 octets] - [18/10/2019 17:20:46]
AdwCleaner[S04].txt - [1802 octets] - [18/10/2019 17:23:57]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########

Conder
Moderátor
Moderátor
Příspěvky: 4059
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Windows Live mail neodeslal emaily - mnoho odesl. spamů

#27 Příspěvek od Conder »

Poprosim o obidva nove logy z FRST.

Co sa tyka Windows Defenderu, ten sa sam vypne v pripade, ak sa nainstaluje iny antivirus (v tomto pripade Avira).

Ten Mail.Ru odkaz mozes vytvorit znovu, ak ho chces mat na ploche.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Antusek
Návštěvník
Návštěvník
Příspěvky: 400
Registrován: 17 úno 2007 20:54

Re: Windows Live mail neodeslal emaily - mnoho odesl. spamů

#28 Příspěvek od Antusek »

Posílám oba dva logy z FRST. Dík za další postup.
:)
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-10-2019 02
Ran by kuku (administrator) on KUKU-PC (Hewlett-Packard Newark) (18-10-2019 20:59:20)
Running from D:\FRST
Loaded Profiles: kuku (Available Profiles: kuku)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ABBYY PRODUCTION LLC -> ABBYY Production LLC) D:\Prográmky\ABBYY PDF Transformer+\NetworkLicenseServer.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Inc.) [File not signed] D:\Programy\Adobe\Adobe Acrobat Distiller 5.0\Distillr\AcroTray.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) D:\Fotoeditory\Adobe Photoshop Elements 10\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\VPN\Avira.VpnService.exe
(Geek Software GmbH -> Geek Software GmbH) D:\Prográmky\PDF24\pdf24.exe
(Geek Software GmbH -> Geek Software GmbH) D:\Prográmky\PDF24\pdf24.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Update\GoogleUpdate.exe
(Check Point Software Technologies Ltd. -> ) C:\Program Files\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\Endpoint Security\EFR\EFRService.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\Endpoint Security\Remediation\RemediationService.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ICM\ICM-Service-NET.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files\CCleaner Browser\Update\1.5.21.0\CCleanerBrowserCrashHandler.exe
(RealNetworks, Inc. -> ) C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
(RealNetworks, Inc. -> ) C:\Program Files\RealNetworks\RealDownloader\downloader2.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) D:\Programy\Real\RPDS\Bin\rpdsvc.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) D:\Programy\Real\Update\realsched.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [PDFPrint] => D:\Prográmky\PDF24\pdf24.exe [465544 2018-12-18] (Geek Software GmbH -> Geek Software GmbH)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [227168 2019-09-24] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM\...\Run: [TkBellExe] => D:\Programy\Real\Update\realsched.exe [286960 2018-03-10] (RealNetworks, Inc. -> RealNetworks, Inc.)
HKLM\...\Run: [RealDownloader] => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [712432 2016-02-03] (RealNetworks, Inc. -> )
HKLM\...\Run: [AdobeCS4ServiceManager] => C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [ZoneAlarm] => C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [326448 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKLM\...\Run: [ZaAntiRansomware] => C:\Program Files\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe [4230368 2019-08-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKU\S-1-5-21-73998946-1782675459-2744590695-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-73998946-1782675459-2744590695-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2972672 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files\CCleaner Browser\Application\77.1.1834.93\Installer\chrmstp.exe [2019-10-10] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\77.0.3865.120\Installer\chrmstp.exe [2019-10-16] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acrobat Assistant.lnk [2019-05-09]
ShortcutTarget: Acrobat Assistant.lnk -> D:\Programy\Adobe\Adobe Acrobat Distiller 5.0\Distillr\AcroTray.exe (Adobe Systems Inc.) [File not signed]
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FD6360E-9838-4A3D-9B0B-674E342BFD1C} - System32\Tasks\AdobeAAMUpdater-1.0-kuku-PC-kuku => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {11D22377-2C3B-4216-915E-BF23A2D1BCA5} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [209128 2019-07-16] (Piriform Software Ltd -> Piriform Software)
Task: {12BE93EF-ADA9-4A1A-A988-D1A8E384190E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-15] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1FA2EB1F-3E9E-4763-9A69-042934987FB2} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [209128 2019-07-16] (Piriform Software Ltd -> Piriform Software)
Task: {223876E7-DCCD-49CE-A361-B080617070BA} - System32\Tasks\{734A86F7-2136-401B-9739-665DD6B974DD} => D:\Programy\OFFICE11\WINWORD.EXE [12317848 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {22706ADD-EDB8-40B0-AB4A-CEB46AF3A828} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {25CB1EC6-77EC-4700-8D06-E9DADEB0662F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1542536 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {36C2E53C-42BB-4460-AA35-84AEFA3166C3} - System32\Tasks\{A988DC7A-4029-4C45-B623-4E694198B524} => D:\Programy\OFFICE11\WINWORD.EXE [12317848 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {445844DB-7D5A-487A-A2F2-2B5B3EE77B63} - \RealDownloader Update Check -> No File <==== ATTENTION
Task: {44AB2BEC-BD63-4024-A95F-444E34476049} - System32\Tasks\doPDF 10 Telemetry => C:\Program Files\Softland\novaPDF 10\Driver\GoogleAnalytics.exe
Task: {4AC6810A-0B15-4518-A26F-85FAB0108D39} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-73998946-1782675459-2744590695-1000 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe [128240 2016-02-03] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {56015C87-143C-4433-9697-F86D66F20C7B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-01-14] (Google Inc -> Google Inc.)
Task: {61C45FA0-60ED-4374-B1A9-E3C30FD8C8A8} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [1889536 2019-09-25] (Piriform Software Ltd -> Piriform Software)
Task: {6F466AC7-C0F5-4589-A474-4444C5DBC954} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_270_pepper.exe [1453112 2019-10-12] (Adobe Inc. -> Adobe)
Task: {78B95C01-849C-46E3-B19E-E84BFCB05605} - System32\Tasks\{B54C511C-2C43-4FE4-95BD-D6F46015EEB6} => D:\Programy\OFFICE11\OFFICE11\WINWORD.EXE [12317848 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {8087E701-AE39-4FF3-97BB-F67627F0141C} - System32\Tasks\doPDF 10 Update => C:\Program Files\Softland\novaPDF 10\Driver\UpdateApplication.exe
Task: {8DA9309D-3B5B-45E2-B1A9-5B9665FE0BB7} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [192704 2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B893E01-B256-4DCB-9CEE-E81B6BA47243} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {9D5EB933-C003-43EB-9084-19293F4526A2} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {A76A65FA-DF12-4E29-9231-BBB65363A5EA} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-73998946-1782675459-2744590695-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [343304 2016-02-03] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {AB88E041-AF2C-49E6-B828-BA9C4C34820F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-01-14] (Google Inc -> Google Inc.)
Task: {AF143AE9-5766-471E-8EBE-039841E78CD2} - System32\Tasks\Opera scheduled Autoupdate 1515937838 => C:\Program Files\Opera\launcher.exe [1348632 2019-10-04] (Opera Software AS -> Opera Software)
Task: {BEBC345F-01BD-4718-BAEC-C2F044C14029} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [1889536 2019-09-25] (Piriform Software Ltd -> Piriform Software)
Task: {C5B72A31-C619-4F09-B03A-F8724B811FC5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-12] (Adobe Inc. -> Adobe)
Task: {C5FBE866-8F29-46EC-BCA3-413AC14A4D4E} - System32\Tasks\klcp_update => D:\Programy\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1723392 2019-07-07] () [File not signed]
Task: {C7A4D9E2-420C-4738-AB83-7A8C5A0B8704} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files\Avira\Antivirus\avgnt.exe [2759024 2019-10-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {D306BF75-195D-4CB8-B91F-1D401BB194DB} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-73998946-1782675459-2744590695-1000 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe [128240 2016-02-03] (RealNetworks, Inc. -> RealNetworks, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{6BF2109C-E827-4903-8C39-49865855932F}: [DhcpNameServer] 185.123.227.250
Tcpip\..\Interfaces\{F6269353-ADF6-407B-AA2B-EE167A4301DA}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-02-03] (RealNetworks, Inc. -> RealDownloader)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)

FireFox:
========
FF DefaultProfile: uk3cd41f.default-1560605859380
FF ProfilePath: C:\Users\kuku\AppData\Roaming\Mozilla\Firefox\Profiles\uk3cd41f.default-1560605859380 [2019-10-18]
FF Extension: (AdGuard AdBlocker) - C:\Users\kuku\AppData\Roaming\Mozilla\Firefox\Profiles\uk3cd41f.default-1560605859380\Extensions\adguardadblocker@adguard.com.xpi [2019-07-18]
FF Extension: (Firefox ESR configurer for OLDJAWS screen reader ) - C:\Users\kuku\AppData\Roaming\Mozilla\Firefox\Profiles\uk3cd41f.default-1560605859380\features\{48e6e9a7-3b9e-4218-8998-5fb4307f6b62}\jaws-esr@mozilla.org.xpi [2019-09-16] [Legacy]
FF Extension: (Firefox ESR configurer for OLDJAWS screen reader ) - C:\Program Files\Mozilla Firefox\browser\features\jaws-esr@mozilla.org.xpi [2019-09-16] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2018-01-14] [Legacy] [not signed]
FF HKU\S-1-5-21-73998946-1782675459-2744590695-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=18.1.3.100 -> D:\Programy\Real\Netscape6\nppl3260.dll [2018-03-10] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=18.1.3.100 -> D:\Programy\Real\Netscape6\nprpplugin.dll [2018-03-10] (RealNetworks, Inc. -> RealPlayer)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-02] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-02] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN) [File not signed]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-11] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\kuku\AppData\Local\Google\Chrome\User Data\Default [2019-10-18]
CHR Extension: (Dokumenty) - C:\Users\kuku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-14]
CHR Extension: (AdGuard AdBlocker) - C:\Users\kuku\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2019-07-18]
CHR Extension: (Adobe Acrobat) - C:\Users\kuku\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-09-26]
CHR Extension: (Avira Browser Safety) - C:\Users\kuku\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-10-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\kuku\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-09-30]
CHR Extension: (Chrome Media Router) - C:\Users\kuku\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-10]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.PDFTransformer.Classic.4.0; D:\Prográmky\ABBYY PDF Transformer+\NetworkLicenseServer.exe [821560 2013-07-12] (ABBYY PRODUCTION LLC -> ABBYY Production LLC)
R2 AdobeActiveFileMonitor10.0; D:\Fotoeditory\Adobe Photoshop Elements 10\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [88136 2019-09-10] (Adobe Inc. -> Adobe Systems)
R2 AGMService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-09-25] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [1209328 2019-10-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [483408 2019-10-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [483408 2019-10-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [500272 2019-09-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S4 ATMsrvc; C:\Windows\System32\ATMsrvc.exe [15360 2000-05-24] (Adobe Systems Incorporated) [File not signed]
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [586176 2019-09-24] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files\Avira\VPN\Avira.VpnService.exe [382232 2019-09-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 ccleaner; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [209128 2019-07-16] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files\CCleaner Browser\Application\77.1.1834.93\elevation_service.exe [984880 2019-09-25] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [209128 2019-07-16] (Piriform Software Ltd -> Piriform Software)
R2 CPEFR; C:\Program Files\CheckPoint\Endpoint Security\EFR\EFRService.exe [2842360 2019-08-07] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 CpSbaCipolla; C:\Program Files\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-08-20] (Check Point Software Technologies Ltd. -> )
R2 CpSbaUpdater; C:\Program Files\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-08-20] (Check Point Software Technologies Ltd. -> )
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S3 MBAMService; D:\Malvarebytes\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PDF24; D:\Prográmky\PDF24\pdf24.exe [465544 2018-12-18] (Geek Software GmbH -> Geek Software GmbH)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [32544 2016-02-03] (RealNetworks, Inc. -> )
R2 RealTimes Desktop Service; D:\Programy\Real\RPDS\Bin\rpdsvc.exe [1095440 2018-03-10] (RealNetworks, Inc. -> RealNetworks, Inc.)
R2 RemediationService; C:\Program Files\CheckPoint\Endpoint Security\Remediation\RemediationService.exe [18168 2019-06-10] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 TESvc; C:\Program Files\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe [351992 2019-08-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 vsmon; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [4501544 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 ZA NET ICM Service; C:\Program Files\CheckPoint\ICM\ICM-Service-NET.exe [40304 2019-02-07] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 ZAARUpdateService; C:\Program Files\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe [51936 2019-08-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 ZAPrivacyService; C:\Program Files\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [50728 2019-06-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153280 2019-09-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [171568 2019-09-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36688 2019-03-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [60360 2019-03-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [33280 2019-03-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 cpbak; C:\Windows\System32\DRIVERS\cpbak.sys [55488 2019-08-11] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 CPEPMon; C:\Windows\System32\DRIVERS\CPEPMon.sys [91424 2019-07-15] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 epnetflt; C:\Windows\system32\drivers\epnetflt.sys [103312 2019-08-13] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 epregflt; C:\Windows\system32\drivers\epregflt.sys [108736 2019-05-01] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R2 ISWKL; C:\Program Files\CheckPoint\Endpoint Security\Endpoint Common\Bin\ISWKL.sys [57584 2018-03-11] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [9789696 2009-07-18] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [31032 2019-04-01] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [365496 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
U3 aswbdisk; no ImagePath
U3 iswSvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-18 18:11 - 2019-10-18 18:12 - 000000186 _____ C:\Users\kuku\Desktop\Mail ru.url
2019-10-15 11:37 - 2019-10-15 11:37 - 001308310 _____ C:\Users\kuku\Downloads\Statistiky_sveta_-_NEJ.pdf
2019-10-12 18:50 - 2019-10-12 18:51 - 000000000 ____D C:\KVRT_Data
2019-10-12 10:19 - 2019-10-12 10:19 - 000002804 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2019-10-11 21:51 - 2019-10-11 21:51 - 000000000 ____D C:\Users\kuku\AppData\Local\mbamtray
2019-10-11 21:51 - 2019-10-11 21:51 - 000000000 ____D C:\Users\kuku\AppData\Local\mbam
2019-10-11 21:50 - 2019-10-12 08:47 - 000129056 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2019-10-11 21:50 - 2019-10-11 21:50 - 000000598 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-10-11 21:50 - 2019-10-11 21:50 - 000000598 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2019-10-11 21:50 - 2019-10-11 21:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-10-11 21:50 - 2019-10-11 21:50 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-10-11 17:58 - 2019-07-15 07:42 - 000091424 _____ (Check Point Software Technologies) C:\Windows\system32\Drivers\CPEPMon.sys
2019-10-11 17:57 - 2019-08-11 13:15 - 000055488 _____ (Check Point Software Technologies) C:\Windows\system32\Drivers\cpbak.sys
2019-10-11 17:55 - 2019-10-18 21:00 - 000000000 ____D C:\FRST
2019-10-11 17:54 - 2019-10-11 17:54 - 000000809 _____ C:\Users\kuku\Desktop\FRST.lnk
2019-10-11 17:43 - 2019-10-11 17:43 - 000000000 _____ C:\Windows\system32\Drivers\etc\lmhosts
2019-10-11 17:41 - 2019-10-11 17:42 - 000441016 _____ C:\Windows\system32\Drivers\vsconfig.xml
2019-10-11 17:41 - 2019-10-11 17:41 - 000000732 _____ C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2019-10-11 17:41 - 2019-10-11 17:41 - 000000732 _____ C:\ProgramData\Desktop\ZoneAlarm Security.lnk
2019-10-11 17:41 - 2019-10-11 17:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2019-10-11 17:38 - 2019-10-12 17:46 - 000000000 ____D C:\Program Files\CheckPoint
2019-10-11 17:37 - 2019-10-12 17:46 - 000000000 ____D C:\ProgramData\CheckPoint
2019-10-10 07:41 - 2019-10-10 07:41 - 001383877 _____ C:\Users\kuku\Downloads\veklep-detail
2019-10-09 21:38 - 2019-10-09 21:45 - 000020668 _____ C:\Users\kuku\Documents\Památný den Sokolstva Praha 8.10.2019.wlmp
2019-10-09 18:05 - 2019-10-06 05:32 - 020290048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-10-09 18:05 - 2019-10-06 05:18 - 000496128 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-10-09 18:05 - 2019-10-06 05:15 - 002302464 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-10-09 18:05 - 2019-10-06 05:10 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-10-09 18:05 - 2019-10-06 04:49 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-10-09 18:05 - 2019-10-06 04:48 - 002058752 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-10-09 18:05 - 2019-10-06 04:45 - 013808640 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-10-09 18:05 - 2019-10-06 04:35 - 004387840 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-10-09 18:05 - 2019-10-06 04:32 - 001331712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-10-09 18:05 - 2019-09-19 06:30 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
2019-10-09 18:05 - 2019-09-17 04:29 - 000812544 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-10-09 18:05 - 2019-09-17 04:29 - 000261632 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-10-09 18:05 - 2019-09-17 02:10 - 000407776 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-10-09 18:05 - 2019-09-10 04:27 - 001064448 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2019-10-09 18:05 - 2019-09-10 04:27 - 000383488 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-10-09 18:05 - 2019-09-10 04:02 - 006135296 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-10-09 18:05 - 2019-09-10 04:02 - 002752000 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-10-09 18:05 - 2019-09-10 04:00 - 002406912 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-10-09 18:05 - 2019-09-10 04:00 - 000361472 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-10-09 18:05 - 2019-09-10 04:00 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2019-10-09 18:04 - 2019-10-07 07:57 - 000341896 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-10-09 18:04 - 2019-10-06 05:28 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-10-09 18:04 - 2019-10-06 05:28 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-10-09 18:04 - 2019-10-06 05:18 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-10-09 18:04 - 2019-10-06 05:17 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-10-09 18:04 - 2019-10-06 05:17 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-10-09 18:04 - 2019-10-06 05:16 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-10-09 18:04 - 2019-10-06 05:12 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-10-09 18:04 - 2019-10-06 05:12 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-10-09 18:04 - 2019-10-06 05:11 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-10-09 18:04 - 2019-10-06 05:10 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-10-09 18:04 - 2019-10-06 05:10 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-10-09 18:04 - 2019-10-06 05:10 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-10-09 18:04 - 2019-10-06 05:06 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-10-09 18:04 - 2019-10-06 05:03 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-10-09 18:04 - 2019-10-06 05:00 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-10-09 18:04 - 2019-10-06 05:00 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-10-09 18:04 - 2019-10-06 04:59 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-10-09 18:04 - 2019-10-06 04:57 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-10-09 18:04 - 2019-10-06 04:56 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-10-09 18:04 - 2019-10-06 04:56 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-10-09 18:04 - 2019-10-06 04:55 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-10-09 18:04 - 2019-10-06 04:53 - 004112384 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-10-09 18:04 - 2019-10-06 04:50 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-10-09 18:04 - 2019-10-06 04:48 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-10-09 18:04 - 2019-10-06 04:48 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-10-09 18:04 - 2019-10-06 04:30 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-10-09 18:04 - 2019-09-17 04:32 - 004060896 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2019-10-09 18:04 - 2019-09-17 04:32 - 003966688 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-10-09 18:04 - 2019-09-17 04:32 - 000191200 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
2019-10-09 18:04 - 2019-09-17 04:32 - 000191200 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-10-09 18:04 - 2019-09-17 04:32 - 000137952 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
2019-10-09 18:04 - 2019-09-17 04:32 - 000137440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-10-09 18:04 - 2019-09-17 04:32 - 000068832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-10-09 18:04 - 2019-09-17 04:30 - 001315912 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 001072640 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000555520 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000167936 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 04:04 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-10-09 18:04 - 2019-09-17 04:04 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-10-09 18:04 - 2019-09-17 04:04 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-10-09 18:04 - 2019-09-17 04:04 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-10-09 18:04 - 2019-09-17 04:04 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-10-09 18:04 - 2019-09-17 04:03 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-10-09 18:04 - 2019-09-17 04:02 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-10-09 18:04 - 2019-09-17 04:01 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-10-09 18:04 - 2019-09-17 04:01 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-10-09 18:04 - 2019-09-17 03:59 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-10-09 18:04 - 2019-09-17 03:58 - 000314880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-10-09 18:04 - 2019-09-17 03:58 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-10-09 18:04 - 2019-09-17 03:58 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-10-09 18:04 - 2019-09-17 03:58 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-10-09 18:04 - 2019-09-17 03:58 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-10-09 18:04 - 2019-09-17 03:57 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-10-09 18:04 - 2019-09-17 03:57 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-10-09 18:04 - 2019-09-17 03:57 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-10-09 18:04 - 2019-09-17 03:57 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys
2019-10-09 18:04 - 2019-09-17 03:57 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-10-09 18:04 - 2019-09-17 03:57 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-10-09 18:04 - 2019-09-17 03:57 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-10-09 18:04 - 2019-09-17 03:57 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-10-09 18:04 - 2019-09-17 03:57 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-10-09 18:04 - 2019-09-17 03:57 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-10-09 18:04 - 2019-09-17 03:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 03:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 03:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-10-09 18:04 - 2019-09-17 03:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-10-09 18:04 - 2019-09-11 06:56 - 000353792 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2019-10-09 18:04 - 2019-09-11 06:56 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll
2019-10-09 18:04 - 2019-09-10 04:27 - 000320512 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-10-09 18:04 - 2019-09-10 04:27 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-10-09 18:04 - 2019-09-10 04:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2019-10-09 18:04 - 2019-09-10 04:00 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-10-09 18:04 - 2019-09-10 04:00 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-10-09 18:04 - 2019-09-10 04:00 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2019-10-09 18:04 - 2019-09-10 03:59 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2019-10-09 18:04 - 2019-09-10 03:56 - 000248320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2019-10-07 19:59 - 2019-10-09 11:06 - 000019968 ___SH C:\Users\kuku\Documents\Thumbs.db
2019-10-07 19:58 - 2019-10-07 19:58 - 000314135 _____ C:\Users\kuku\Documents\rozhovor0195-1.pdf
2019-10-06 15:36 - 2019-10-06 15:36 - 000001074 _____ C:\Users\Public\Desktop\Avira.lnk
2019-10-06 15:36 - 2019-10-06 15:36 - 000001074 _____ C:\ProgramData\Desktop\Avira.lnk
2019-10-04 15:30 - 2019-09-12 05:53 - 000442368 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-10-04 15:30 - 2019-09-12 05:53 - 000276480 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-10-04 15:30 - 2019-09-12 05:52 - 000474624 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-10-04 15:30 - 2019-09-12 05:52 - 000373248 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-10-04 15:30 - 2019-09-12 05:52 - 000195072 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-10-04 15:30 - 2019-09-12 05:32 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-10-03 16:41 - 2019-10-03 16:41 - 000003434 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2019-10-03 16:41 - 2019-10-03 16:41 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-10-03 16:41 - 2019-10-03 16:41 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-09-29 23:35 - 2019-09-29 23:35 - 000020269 _____ C:\Users\kuku\Documents\Slavnostní vysvěcení praporu v T.J. Sokol Prosek 29.09.2019.wlmp

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-18 18:55 - 2018-01-08 20:05 - 000000000 ____D C:\Users\kuku\AppData\LocalLow\Mozilla
2019-10-18 17:33 - 2018-01-04 22:53 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2019-10-18 17:33 - 2009-07-14 10:44 - 000668542 _____ C:\Windows\system32\perfh005.dat
2019-10-18 17:33 - 2009-07-14 10:44 - 000141202 _____ C:\Windows\system32\perfc005.dat
2019-10-18 17:33 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2019-10-18 17:32 - 2009-07-14 06:34 - 000013536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-10-18 17:32 - 2009-07-14 06:34 - 000013536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-10-18 17:26 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-10-18 08:50 - 2018-01-14 17:28 - 000000000 ____D C:\Users\kuku\AppData\Local\Adobe
2019-10-18 08:28 - 2018-01-14 19:15 - 002318008 _____ C:\Windows\system32\FNTCACHE.DAT
2019-10-16 14:12 - 2018-01-14 15:54 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-10-16 14:12 - 2018-01-14 15:54 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-10-16 14:12 - 2018-01-14 15:54 - 000002129 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-10-16 09:31 - 2018-01-08 20:05 - 000000000 ____D C:\Program Files\CCleaner
2019-10-15 18:31 - 2018-01-14 17:31 - 000004464 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2019-10-15 18:29 - 2018-01-14 17:30 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-10-14 19:52 - 2018-01-08 20:12 - 000003268 _____ C:\Windows\system32\Tasks\Avira_Antivirus_Systray
2019-10-12 05:19 - 2018-02-04 22:08 - 000004408 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-10-12 05:19 - 2018-02-02 20:10 - 000842296 _____ (Adobe) C:\Windows\system32\FlashPlayerApp.exe
2019-10-12 05:19 - 2018-02-02 20:10 - 000175160 _____ (Adobe) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-10-12 05:19 - 2018-02-02 20:10 - 000004536 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-10-12 05:19 - 2018-01-14 16:42 - 000000000 ____D C:\Windows\system32\Macromed
2019-10-12 05:10 - 2009-07-14 06:53 - 000032618 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-10-11 17:56 - 2018-01-08 19:59 - 000000000 ____D C:\ProgramData\Package Cache
2019-10-11 17:54 - 2009-07-14 04:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-10-11 15:07 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\rescache
2019-10-11 10:16 - 2018-01-08 20:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-10-10 07:50 - 2019-07-16 22:38 - 000003714 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2019-10-10 07:50 - 2019-07-16 22:38 - 000003132 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2019-10-10 07:50 - 2019-07-16 22:38 - 000002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2019-10-10 07:50 - 2019-07-16 22:38 - 000002225 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2019-10-10 07:50 - 2019-07-16 22:38 - 000002225 _____ C:\ProgramData\Desktop\CCleaner Browser.lnk
2019-10-10 07:50 - 2019-07-16 22:37 - 000000000 ____D C:\Program Files\CCleaner Browser
2019-10-10 07:18 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-10-10 00:49 - 2018-01-04 22:56 - 000000000 ____D C:\Windows\system32\MRT
2019-10-10 00:48 - 2018-01-04 22:55 - 124046008 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-10-09 22:13 - 2019-07-17 19:28 - 000000000 ____D C:\Users\kuku\AppData\Roaming\Audacity
2019-10-06 21:37 - 2018-10-02 21:14 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2019-10-06 21:37 - 2018-10-02 21:14 - 000000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-10-06 21:37 - 2018-10-02 21:14 - 000000965 _____ C:\ProgramData\Desktop\CCleaner.lnk
2019-10-06 17:49 - 2018-01-14 15:50 - 000003832 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1515937838
2019-10-06 17:49 - 2018-01-14 15:50 - 000000000 ____D C:\Program Files\Opera
2019-10-03 16:41 - 2018-01-14 17:17 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-10-02 20:43 - 2018-01-14 15:54 - 000003376 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-02 20:43 - 2018-01-14 15:54 - 000003248 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-02 20:43 - 2018-01-14 15:54 - 000000000 ____D C:\Program Files\Google
2019-10-01 15:59 - 2018-01-14 18:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-09-30 01:01 - 2018-01-14 18:48 - 000000000 ____D C:\Program Files\Recuva
2019-09-25 18:56 - 2018-01-08 20:11 - 000171568 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2019-09-25 18:56 - 2018-01-08 20:11 - 000153280 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

==================== Files in the root of some directories ================

2019-07-05 10:49 - 2019-07-05 10:49 - 000004096 ____H () C:\Users\kuku\AppData\Local\keyfile3.drm
2018-10-01 20:47 - 2018-10-01 20:47 - 000000000 _____ () C:\Users\kuku\AppData\Local\oobelibMkey.log

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-10-11 14:59
==================== End of FRST.txt ============================



Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-10-2019 02
Ran by kuku (18-10-2019 21:04:22)
Running from D:\FRST
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2018-01-04 20:48:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-73998946-1782675459-2744590695-500 - Administrator - Disabled)
Guest (S-1-5-21-73998946-1782675459-2744590695-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-73998946-1782675459-2744590695-1002 - Limited - Enabled)
kuku (S-1-5-21-73998946-1782675459-2744590695-1000 - Administrator - Enabled) => C:\Users\kuku

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {8D637332-9C08-995E-98D7-8237936B0E9F}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (HKLM\...\{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}) (Version: 6.1.1 - Hewlett-Packard) Hidden
ABBYY PDF Transformer+ (HKLM\...\{FA400000-0001-0000-0000-074957833700}) (Version: 4.0.437 - ABBYY Production LLC)
ABBYY PDF Transformer+ verze 1.5 (HKLM\...\ABBYY PDF Transformer+_is1) (Version: 1.5 - )
Adobe Acrobat 5.0 (HKLM\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20047 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 32 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 32.0.0.270 - Adobe)
Adobe InDesign CS4 (HKLM\...\Adobe_1710d324011afc3e7658e969025f4ba) (Version: 6.0 - Adobe Systems Incorporated)
Adobe PageMaker 7.0 (HKLM\...\Adobe PageMaker 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 10 (HKLM\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Type Manager 4.1 (HKLM\...\Adobe Type Manager 4.1) (Version: - )
Avira (HKLM\...\{e2be50eb-5ea7-469b-9805-e29b51000bb6}) (Version: 1.2.137.23068 - Avira Operations GmbH & Co. KG)
Avira (HKLM\...\{F3986A03-518F-4860-B372-1ACD7773DD99}) (Version: 1.2.137.23068 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.1910.1604 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM\...\Avira Phantom VPN) (Version: 2.28.5.20306 - Avira Operations GmbH & Co. KG)
BAHN 3.81r1 (HKLM\...\BAHN381r1_is1) (Version: 3.81 - JBSS Chemnitz/Dresden)
BufferChm (HKLM\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
calibre (HKLM\...\{6C89FA64-0701-4D78-B1BE-4B58237F78B9}) (Version: 3.20.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
CCleaner Browser (HKLM\...\CCleaner Browser) (Version: 77.1.1834.93 - Autoři prohlížeče CCleaner Browser)
CCleaner Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.5.21.0 - Piriform Software) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Connect (HKLM\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Copy (HKLM\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (HKLM\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (HKLM\...\{363CEA5C-C9D0-45DD-9511-A461DBDEE94B}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
doPDF (HKLM\...\{3FA321E5-16C4-467E-BAE5-71D0F0A15DCA}) (Version: 10.1.112 - Softland) Hidden
doPDF 10 add-in for Microsoft Office (x86) (HKLM\...\{F274B289-723E-46E4-A2E5-50F9DA00EC92}) (Version: 10.1.112 - Softland)
doPDF 10 Printer Driver (HKLM\...\{C519AF08-9B91-4FCE-93FD-5F8F2CA08D46}) (Version: 10.1.112 - Softland)
Elements 10 Organizer (HKLM\...\{22D3A614-482C-444A-932C-9DA1B8ECDFD2}) (Version: 10.0 - Název společnosti:) Hidden
F4200 (HKLM\...\{C2524280-A5CF-4458-B809-167F13FAB56D}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Fotogalerie (HKLM\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FOTOLAB CEWE fotosvet (HKLM\...\FOTOLAB CEWE fotosvet) (Version: 6.3.7 - CEWE Stiftung u Co. KGaA)
Google Chrome (HKLM\...\Google Chrome) (Version: 77.0.3865.120 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
GPBaseService2 (HKLM\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{A00C9114-40E6-4C70-A619-7DF264B23485}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (HKLM\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Check Point SBA (HKLM\...\{749097B9-4F43-4B83-BFA3-C755EAC68B7B}) (Version: 86.5.8005 - Check Point Software Technologies Ltd.) Hidden
Junk Mail filter update (HKLM\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 15.0.4 (32-bit) (HKLM\...\KLiteCodecPack_is1) (Version: 15.0.4 - KLCP)
kuler (HKLM\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
MarketResearch (HKLM\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 60.9.0 ESR (x86 cs) (HKLM\...\Mozilla Firefox 60.9.0 ESR (x86 cs)) (Version: 60.9.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.9.0.7183 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
Opera Stable 63.0.3368.107 (HKLM\...\Opera 63.0.3368.107) (Version: 63.0.3368.107 - Opera Software)
PDF Settings CS4 (HKLM\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 8.7.2 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Photoshop Camera Raw (HKLM\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
PSE10 STI Installer (HKLM\...\{11D08055-939C-432b-98C3-E072478A0CD7}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PVSonyDll (HKLM\...\{3D3E663D-4E7E-4577-A560-7ECDDD45548A}) (Version: 1.00.0001 - NVIDIA Corporation) Hidden
RealDownloader (HKLM\...\{13743594-F75E-491E-9EFF-203C8F8DF705}) (Version: 18.1.3.104 - RealNetworks) Hidden
RealDownloader (HKLM\...\{48D18738-099C-4FAA-AFD9-80B592A25478}) (Version: 18.1.3.103 - RealNetworks, Inc.) Hidden
RealDownloader (HKLM\...\{75c02118-61df-4a00-b4ae-8a8f2ab354b3}) (Version: 18.1.3.104 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (RealTimes) (HKLM\...\RealPlayer 18.1) (Version: 18.1.3 - RealNetworks)
RealUpgrade 1.1 (HKLM\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Scan (HKLM\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype verze 8.52 (HKLM\...\Skype_is1) (Version: 8.52 - Skype Technologies S.A.)
SmartWebPrinting (HKLM\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (HKLM\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Suite Shared Configuration CS4 (HKLM\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Toolbox (HKLM\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.52a - Ghisler Software GmbH)
TrayApp (HKLM\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (HKLM\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
UpdateService (HKLM\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
Video Downloader (HKLM\...\{E60AFF01-6087-47BD-8272-61FA3CFC309D}) (Version: 1.0.0 - RealNetworks) Hidden
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WebReg (HKLM\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinZip 16.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CC}) (Version: 16.0.9715 - WinZip Computing, S.L. )
ZoneAlarm Anti-Ransomware (HKLM\...\{0B8C3231-9818-4CB9-8213-4AB839836791}) (Version: 1.001.1320 - Check Point Software) Hidden
ZoneAlarm Firewall (HKLM\...\{18FE6943-D33D-42F5-99D5-0ED22F633E32}) (Version: 15.6.121.18102 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM\...\ZoneAlarm Free Firewall) (Version: 15.6.121.18102 - Check Point)
ZoneAlarm Security (HKLM\...\{881E7A8C-9C4B-4D14-B390-EAFBA278CF45}) (Version: 15.6.121.18102 - Check Point Software Technologies Ltd.) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-73998946-1782675459-2744590695-1000_Classes\CLSID\{35D109B4-26F6-73EC-8747-C5C00D6B1F92}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-73998946-1782675459-2744590695-1000_Classes\CLSID\{7EF36CAB-DBE9-D4DC-B349-E395BECF579D}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => -> No File
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\Antivirus\shlext.dll [2019-10-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [Transformer4ContextMenu] -> {558BA64F-C7A8-4B96-BCDD-B46E9D00756A} => D:\Prográmky\ABBYY PDF Transformer+\TRIntegration.dll [2013-09-24] (ABBYY PRODUCTION LLC -> ABBYY Production LLC.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Archivace\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => D:\Archivace\WinZip\wzshlstb.dll [2011-12-23] (WinZip Computing -> WinZip Computing, S.L.)
ContextMenuHandlers2: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Malvarebytes\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => D:\Programy\Real\RPDS\Bin\rpcontextmenu.dll [2018-03-10] (RealNetworks, Inc. -> RealNetworks, Inc.)
ContextMenuHandlers3: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => D:\Archivace\WinZip\wzshlstb.dll [2011-12-23] (WinZip Computing -> WinZip Computing, S.L.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2009-07-14] (NVIDIA Corporation) [File not signed]
ContextMenuHandlers5: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Malvarebytes\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\Antivirus\shlext.dll [2019-10-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [Transformer4ContextMenu] -> {558BA64F-C7A8-4B96-BCDD-B46E9D00756A} => D:\Prográmky\ABBYY PDF Transformer+\TRIntegration.dll [2013-09-24] (ABBYY PRODUCTION LLC -> ABBYY Production LLC.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Archivace\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => D:\Archivace\WinZip\wzshlstb.dll [2011-12-23] (WinZip Computing -> WinZip Computing, S.L.)

==================== Codecs (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [112128 2015-10-24] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\kuku\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Webové servery ve službě MSN\target.lnk -> hxxp://www.msnusers.co

==================== Loaded Modules (Whitelisted) ==============

2019-08-25 14:47 - 2019-08-25 14:47 - 000059392 _____ () [File not signed] C:\Program Files\CheckPoint\Endpoint Security\Threat Emulation\SA\dict-vectorizer.dll
2019-05-09 19:05 - 2001-03-15 08:18 - 000065536 _____ () [File not signed] d:\programy\adobe\adobe acrobat distiller 5.0\Distillr\adistres.dll
2008-08-14 08:15 - 2008-08-14 08:15 - 000276992 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files\Common Files\Adobe\Adobe Drive CS4\BIB.dll
2019-05-09 19:05 - 2001-03-15 08:18 - 000020584 _____ (Adobe Systems Incorporated.) [File not signed] C:\Windows\system32\pdfports.dll
2009-09-20 13:36 - 2009-09-20 13:36 - 000249344 _____ (Hewlett-Packard Co.) [File not signed] c:\program files\hp\digital imaging\bin\hpqcxs08.dll
2009-09-20 13:24 - 2009-09-20 13:24 - 000213504 _____ (Hewlett-Packard Co.) [File not signed] c:\program files\hp\digital imaging\bin\hpqddcmn.dll
2009-09-20 13:24 - 2009-09-20 13:24 - 000133120 _____ (Hewlett-Packard Co.) [File not signed] c:\program files\hp\digital imaging\bin\hpqddsvc.dll
2019-08-07 16:06 - 2019-08-07 16:06 - 000056832 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files\CheckPoint\Endpoint Security\EFR\cphnt32.dll
2019-08-07 16:06 - 2019-08-07 16:06 - 000019968 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files\CheckPoint\Endpoint Security\EFR\cphusr32.dll
2019-07-25 10:52 - 2019-07-25 10:52 - 000986112 _____ (Microsoft Corporation) [File not signed] C:\Program Files\CheckPoint\ZoneAlarm\dbghelp.dll
2019-03-27 23:48 - 2019-03-27 23:48 - 000115200 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2009-07-14 14:29 - 2009-07-14 14:29 - 000143360 _____ (NVIDIA Corporation) [File not signed] C:\Windows\system32\nvshext.dll
2019-08-25 15:03 - 2019-08-25 15:03 - 001189888 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\CheckPoint\Endpoint Security\TPCommon\Cipolla\x86\SQLite.Interop.dll
2019-08-19 21:15 - 2019-08-19 21:15 - 001124352 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\CheckPoint\Endpoint Security\TPCommon\SQLite\System.Data.SQLite.dll
2019-05-08 20:36 - 2019-05-08 20:36 - 000016384 _____ (Softland) [File not signed] C:\Windows\System32\novamn10.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\84034335.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\84034335.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Windows Live\Shared;D:\Programy\Calibre2\
HKU\S-1-5-21-73998946-1782675459-2744590695-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\kuku\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealTimes.lnk => C:\Windows\pss\RealTimes.lnk.CommonStartup
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: LifeCam => "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files\Microsoft\Skype for Desktop\Skype.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{94A6DB34-C479-4EAD-BE89-CDF0D67763CF}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{32D76BCC-F53A-45B4-81BA-F08241B8328E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BB3AE08A-570D-4038-91E9-F3C51A825DB5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CFB6D6BC-92DF-412E-8F0D-D0B564DCDCCE}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{99ED414F-843F-4ECF-BB17-A8CAEA88515F}] => (Allow) LPort=2869
FirewallRules: [{18EAF797-80C4-4619-B39A-D13B87AD4C36}] => (Allow) LPort=1900
FirewallRules: [{24FBA047-F8B8-4AD0-AF0F-0415B4738B4E}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{3E282CD5-3E2F-4660-9258-A7B46115E67B}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{E8943E04-743C-48A3-8BAA-06CEB0CCF6C4}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{EDD4100E-61AC-45D3-8D1C-F339871DED84}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{E0176CAD-EFBB-449A-BBDE-312254FE8495}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{B1BAB40C-F180-4BF7-A248-7D4B31B4C86B}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe () [File not signed]
FirewallRules: [{029ADB72-692B-4807-A0CB-2B3698E77B93}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{1C08443B-67A7-4127-A7FD-6D89F58E2C00}] => (Allow) C:\Program Files\common files\hp\digital imaging\bin\hpqphotocrm.exe (Hewlett-Packard Development Co. L.P.) [File not signed]
FirewallRules: [{AAF27E5F-2725-4FD5-A859-5D8C41343CC0}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe (Hewlett-Packard Development Co. L.P.) [File not signed]
FirewallRules: [{0DA17CBB-450A-484C-81BC-6927E0CF9B1B}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe (Hewlett-Packard Development Co. L.P.) [File not signed]
FirewallRules: [{681340ED-9172-4E3B-97C0-4D7062B49914}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe (Hewlett Packard -> Hewlett-Packard Development Co. L.P.)
FirewallRules: [{BAF2906A-BC52-4263-A295-B1594C8BA345}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{0C6329E1-415B-4545-8536-9A067B354A2F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{B389680F-C9BA-45C2-BE7E-E1A16847D5FF}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{7A92058E-F02D-43FB-B7BD-57F9F5F0591A}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{608EB7A2-33D3-4675-9916-4B417DA9D3A1}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{F176ECCB-3258-4A6F-84D6-E862EB6A7323}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe (Hewlett-Packard Company -> Hewlett-Packard Co.)
FirewallRules: [{AFB6C06F-591F-4DD4-9358-335EEA79F1CA}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{DCA1A6A8-A358-4FA5-95A5-67D019AADF30}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{8A38C881-58CF-4490-8077-50DB942DF3D7}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{DB6B60C0-95E2-4279-BB2A-9ABB83CFC84F}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{E8E8BDD0-015B-42B5-8FA7-5172F7B4D93F}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{11976668-4894-40F3-913D-BE93006D5344}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{567B454B-8151-4A03-8D7C-896107A20CF4}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{53472332-F579-4D72-9894-D48E19BC5A35}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F51A5A2A-6EB2-4C6E-8EA8-1294BB7C8325}] => (Allow) D:\Programy\Real\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{F4609A42-5115-4586-8CEC-7E5A1F03F875}] => (Allow) LPort=5353
FirewallRules: [{05B983F2-2DDF-404B-95F9-63335E9E91A9}] => (Allow) C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{15CF71F6-B82F-49BB-8F4B-9FF0EE917276}] => (Allow) C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{F5E0BD9D-A45C-4CC1-AAC5-AA8D9E76F59C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{B79BBAFB-1DCC-4C1C-9D78-B183DBD68EAE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{E1A1B812-40E0-42B2-82C4-CF506237257D}] => (Allow) LPort=8501
FirewallRules: [{F0AB912B-37F5-4BFF-BD84-7D9285374463}] => (Allow) LPort=8501
FirewallRules: [{8AAECDA7-190C-429C-A3AF-6291E72A4147}] => (Allow) C:\Program Files\Opera\63.0.3368.94\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{1F881FDE-8262-4437-B1B9-3B24447F17ED}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B577422C-6A8D-4AA3-9F13-10C8EDD04016}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{22D82C7C-3B31-44C8-A0B9-2BA07F30253A}] => (Allow) C:\Program Files\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{BB56882A-93D1-424B-85E7-E5250981D7D3}] => (Allow) C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{9E8B4118-1879-4C62-AAE0-D23C88B73F8F}] => (Allow) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{850B881E-A957-4B94-B7B0-43766DAFA20A}] => (Allow) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{0848A329-F9CD-4825-AE82-D5024560F314}] => (Allow) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{C16D0B90-0660-4211-9FC0-A01059326715}] => (Allow) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{A5E7CF5F-1116-4D5E-A567-0802EB4F2D05}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

10-10-2019 00:42:35 Windows Update
10-10-2019 16:00:04 Windows Update
10-10-2019 20:16:26 Instalace balíčku ovladače zařízení: Phantom TAP-Windows Provider V9 Síťové adaptéry
11-10-2019 17:54:15 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
11-10-2019 17:54:49 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
11-10-2019 17:55:51 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
12-10-2019 22:40:54 Windows Update
13-10-2019 18:08:09 Windows Update
18-10-2019 08:34:21 Windows Update

==================== Faulty Device Manager Devices =============

Name: Koprocesor
Description: Koprocesor
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/18/2019 08:30:15 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/18/2019 08:30:15 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/18/2019 08:30:15 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/18/2019 08:30:15 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)

Error: (10/18/2019 08:30:11 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/18/2019 08:30:11 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Služba Windows Search nenačetla informace o úložišti vlastností.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800) (0xc0041800)

Error: (10/18/2019 08:30:11 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/18/2019 08:30:11 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhledávací služby zjistila, že index {id=4700} obsahuje poškozené datové soubory. Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (10/18/2019 06:56:52 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: Firmware platformy při předchozím přechodu systémového napájení poškodil paměť. Zkontrolujte dostupnost aktualizovaného firmwaru pro váš systém.

Error: (10/18/2019 05:24:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Check Point Endpoint EFR byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 500 milisekund: Restartovat službu.

Error: (10/18/2019 05:24:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Check Point SandBlast Agent Threat Emulation byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 500 milisekund: Restartovat službu.

Error: (10/18/2019 05:24:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avira Service Host byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (10/18/2019 05:24:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Check Point Endpoint Remediation byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 500 milisekund: Restartovat službu.

Error: (10/18/2019 05:24:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Check Point Sandblast Agent Updater byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 500 milisekund: Restartovat službu.

Error: (10/18/2019 05:24:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Check Point Sandblast Agent Cipolla byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 500 milisekund: Restartovat službu.

Error: (10/18/2019 05:24:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avira Phantom VPN byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.


Windows Defender:
===================================
Date: 2018-07-04 12:43:34.765
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.271.442.0
Předchozí verze podpisu:1.269.1075.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2018-07-04 12:43:34.764
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: Phoenix Technologies, LTD 5.05 02/20/2009
Motherboard: FOXCONN Newark
Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 74%
Total physical RAM: 2558.18 MB
Available physical RAM: 655.48 MB
Total Virtual: 5114.73 MB
Available Virtual: 2437.31 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.04 GB) (Free:96.76 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:465.66 GB) (Free:172.88 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: 800CF999)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: EA2E939B)
Partition 1: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Conder
Moderátor
Moderátor
Příspěvky: 4059
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Windows Live mail neodeslal emaily - mnoho odesl. spamů

#29 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    ExportKey: HKU\S-1-5-21-73998946-1782675459-2744590695-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
    ExportKey: HKLM\SYSTEM\CurrentControlSet\Services\84034335
    File: C:\Windows\explorer.exe
    
    HKLM\...\Run: [] => [X]
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
    Task: {445844DB-7D5A-487A-A2F2-2B5B3EE77B63} - \RealDownloader Update Check -> No File <==== ATTENTION
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
    U3 aswbdisk; no ImagePath
    U3 iswSvc; no ImagePath
    ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} =>  -> No File
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\84034335.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\84034335.sys => ""="Driver"
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Antusek
Návštěvník
Návštěvník
Příspěvky: 400
Registrován: 17 úno 2007 20:54

Re: Windows Live mail neodeslal emaily - mnoho odesl. spamů

#30 Příspěvek od Antusek »

Posílám log. Akorát při procesu Avira zablokovala nějaký host soubor, ale z hlášení nebylo patrné jaký a v karanténě nic není. Dík za další rady.
:)

Fix result of Farbar Recovery Scan Tool (x86) Version: 20-10-2019
Ran by kuku (20-10-2019 12:03:28) Run:1
Running from D:\FRST
Loaded Profiles: kuku (Available Profiles: kuku)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
ExportKey: HKU\S-1-5-21-73998946-1782675459-2744590695-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
ExportKey: HKLM\SYSTEM\CurrentControlSet\Services\84034335
File: C:\Windows\explorer.exe

HKLM\...\Run: [] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {445844DB-7D5A-487A-A2F2-2B5B3EE77B63} - \RealDownloader Update Check -> No File <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
U3 aswbdisk; no ImagePath
U3 iswSvc; no ImagePath

Zamčeno