Russian-language sounds in Mozilla, hand icon instead of the normal cursor
Posted: 14 Jul 2019 12:38
Greetings. Unfortunately, I ended up installing some Russian virus on my PC. At first it showed itself as a Russian home page and search engine in Mozilla. I tried to remove everything, but unfortunately I found that it still persists. At the moment it shows itself in that some sounds in Russian play in Mozilla, I also have a hand instead of the cursor, as if the whole page were a link, and at the same time I found that antivirus updates and access to the websites of companies providing antivirus software are blocked. Below I am pasting the FRST log and Addition.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-07-2019
Ran by Kuba (administrator) on DESKTOP-55V176A (14-07-2019 13:30:33)
Running from C:\Users\Kuba\Desktop
Loaded Profiles: Kuba (Available Profiles: Kuba)
Platform: Windows 10 Home Version 1803 17134.829 (X64) Language: Angličtina (Spojené státy)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Kuba\AppData\Roaming\BitTorrent\BitTorrent.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Kuba\AppData\Roaming\BitTorrent\updates\7.10.5_44995\bittorrentie.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Kuba\AppData\Roaming\BitTorrent\updates\7.10.5_44995\bittorrentie.exe
(Finkit d.o.o. -> Finkit d.o.o.) C:\Program Files (x86)\ManicTime\ManicTime.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel(R) Network Platform Group -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Power Software Ltd) [File not signed] C:\Program Files\PowerISO\PWRISOVM.EXE
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16697352 2016-08-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [441856 2017-10-24] (Power Software Ltd) [File not signed]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\Run: [ManicTimeC34F57B2DA6E6758] => C:\Program Files (x86)\ManicTime\ManicTime.exe [63672 2019-06-17] (Finkit d.o.o. -> Finkit d.o.o.)
HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\MountPoints2: E - "E:\OriginSetup.exe"
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3642880 2016-05-08] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [309248 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3613696 2016-05-08] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\SysWOW64\xvidvfw.dll [282112 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2017-06-05]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1782044C-C742-4E1A-BC3F-DB3A132D6600} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {238DD95B-8D45-49EA-AD2E-BBA9A1F29FB3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {284BFDD5-7FA5-497C-9C97-4C5CDDB3A6FB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [702856 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3516C0D6-EEFD-4406-B42E-54949B379BE8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {5104CD04-F9D4-4F57-9B6B-AE8EC0728068} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-07] (Google Inc -> Google Inc.)
"C:\Windows\System32\Tasks\JSpPUlYEOjGQEpF" was unlocked. <==== ATTENTION
Task: {56EFE5B7-5C4A-4403-AF42-6304B13978D3} - System32\Tasks\JSpPUlYEOjGQEpF => rundll32 "C:\Program Files (x86)\rZdaClXBU\LsmDMy.dll",#1
Task: {57560BA3-C38A-4A1B-80C8-814D2BF58599} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-10] (Adobe Inc. -> Adobe)
Task: {67DA840C-4267-4FC8-B936-74E5F36E6686} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {6AA1EDCB-2767-4884-A595-B32A0D9033CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-07] (Google Inc -> Google Inc.)
Task: {6B202AE3-8316-4BEC-989B-E2C0B834802A} - System32\Tasks\Sk213Pl => C:\Users\Kuba\AppData\Roaming\prunld2619\he66988.exe [1387878 2019-07-04] ( ) [File not signed]
Task: {71CC0078-71F7-4DCF-AA10-20C7F7FE8D26} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {88405D1B-7C37-4D6E-A748-BF5F1F922196} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3724680 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {891E48C2-31EB-414E-A51D-B7E1797D0E06} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9795EE8A-72D7-496A-AA15-6A845C99638F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [572808 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9F7D1304-DBD5-4CA1-9690-C82FDE79763F} - System32\Tasks\{6BE2D576-CC33-4325-8D05-A810F469BAA3} => "c:\program files\mozilla firefox\firefox.exe" hxxps://www.skype.com/go/downloading?source=lig ... rror=12002
Task: {B63C38CE-60D1-493F-9E88-5F38DC45E094} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BBE30F16-7E68-43F8-9A03-29592B2D1407} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-55V176A-Kuba => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {BCED478B-29F2-4E77-9EF3-17BE4A6F9DB8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BF4AC2EB-77F6-40A6-97B7-26047A88705A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C168FFF2-9E7C-4F56-B144-CFA6782DADDE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {CD4A2399-557C-4346-A1A3-F73873CCC639} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-10] (Adobe Inc. -> Adobe)
Task: {D1DD627A-8E88-4FFF-AC36-5F4E769953A3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D32E4CC6-ED29-452F-BF57-03BCB2B621E3} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D392619F-7F16-4550-B45B-2F85ACA4BD32} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E25A968A-A18C-4F93-A271-636EBE002897} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3629324-793B-43ED-8117-D132778E0EE8} - System32\Tasks\{0046C361-ECFF-4833-98B5-885FE9C45E90} => "c:\program files\mozilla firefox\firefox.exe" hxxps://www.skype.com/go/downloading?source=lig ... tError=404
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{5f3f0318-8a6f-416f-af53-f72ca4578cfb}: [NameServer] 45.86.180.227,185.162.93.213,185.4.65.4,116.203.6.218,185.130.104.222,185.4.64.13
Tcpip\..\Interfaces\{5f3f0318-8a6f-416f-af53-f72ca4578cfb}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Internet Explorer:
==================
HKU\S-1-5-21-3906236801-542463905-1627191007-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mail.ru/cnt/10445?gp=834423
SearchScopes: HKU\S-1-5-21-3906236801-542463905-1627191007-1001 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxps://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7BA224F9EF-1CCD-404F-81D0-DFB48F187956%7D&gp=811610
SearchScopes: HKU\S-1-5-21-3906236801-542463905-1627191007-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxps://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7BA224F9EF-1CCD-404F-81D0-DFB48F187956%7D&gp=811610
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-20] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/CZ/Core/Player/2020PlayerAX_IKEA_Win32.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2018-03-14] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: d8q5u490.default
FF ProfilePath: C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\d8q5u490.default [2019-07-14]
FF user.js: detected! => C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\d8q5u490.default\user.js [2019-07-10]
FF NewTabOverride: Mozilla\Firefox\Profiles\d8q5u490.default -> Enabled: {a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
FF Extension: (Google Translator for Firefox) - C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\d8q5u490.default\Extensions\translator@zoli.bod.xpi [2018-12-03]
FF Extension: (Mozilla Official) - C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\d8q5u490.default\Extensions\{14553439-2741-4e9d-b474-784f336f58c9} [2019-07-04] [not signed]
FF Extension: (No Name) - C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\d8q5u490.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-20]
FF Extension: (No Name) - C:\Program Files\Mozilla Firefox\browser\features\{E55C9A17-39B3-4F0A-9546-2E85FE620BE8}.xpi [2019-07-04] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-10] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-10] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR HomePage: Default -> inline.go.mail.ru
CHR StartupUrls: Default -> "hxxps://mail.ru/cnt/10445?gp=811610"
CHR NewTab: Default -> Active:"chrome-extension://beliehdniadoecbonbhlcgbdldccfigp/visual-bookmarks.html"
CHR DefaultSearchURL: Default -> hxxps://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B0CFACCC3-E582-425E-A0F2-21CE0194C35F%7D&gp=811610
CHR DefaultSearchKeyword: Default -> go.mail.ru
CHR DefaultSuggestURL: Default -> hxxps://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Profile: C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default [2019-07-04]
CHR Extension: (Prezentace) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-06]
CHR Extension: (Dokumenty) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-06]
CHR Extension: (Disk Google) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-06]
CHR Extension: (Пульс) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\beliehdniadoecbonbhlcgbdldccfigp [2019-07-04]
CHR Extension: (YouTube) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-06]
CHR Extension: (Adobe Acrobat) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-01-06]
CHR Extension: (Tabulky) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-06]
CHR Extension: (Adblocker pro Youtube™) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffpfiaecfobeadhikddakkmaapliokib [2019-07-04] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Dokumenty Google offline) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-01]
CHR Extension: (Mail.Ru) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\iepoegkaoeljnbhagabakjodgpfniimo [2019-07-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-21]
CHR Extension: (Gmail) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-06]
CHR Extension: (Chrome Media Router) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-01]
CHR HKLM-x32\...\Chrome\Extension: [beliehdniadoecbonbhlcgbdldccfigp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iepoegkaoeljnbhagabakjodgpfniimo] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11814232 2019-06-05] (TeamViewer GmbH -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\NisSrv.exe [2433136 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe [109896 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsrAppCharger; C:\WINDOWS\system32\DRIVERS\AsrAppCharger.sys [17192 2011-11-07] (ASROCK Incorporation -> Windows (R) Win 7 DDK provider)
R3 L6TPortA; C:\WINDOWS\System32\Drivers\L6TPortA64.sys [777728 2015-08-21] (Line 6 -> Line 6)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_54bd1f10ac116cd5\nvlddmkm.sys [20605496 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-01-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [452008 2019-04-07] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [337632 2019-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-06-05] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-14 13:30 - 2019-07-14 13:31 - 000029370 _____ C:\Users\Kuba\Desktop\FRST.txt
2019-07-14 13:29 - 2019-07-14 13:29 - 002095104 _____ (Farbar) C:\Users\Kuba\Desktop\FRST64.exe
2019-07-14 13:25 - 2019-07-14 13:25 - 000388608 _____ (Trend Micro Inc.) C:\Users\Kuba\Desktop\hijackthis.exe
2019-07-14 13:15 - 2019-07-14 13:15 - 004260984 _____ (ESET) C:\Users\Kuba\Desktop\A431714_eset_nod32_antivirus_live_installer.exe
2019-07-14 11:48 - 2019-07-14 13:24 - 000000000 ____D C:\Users\Kuba\AppData\LocalLow\BitTorrent
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\Users\Kuba\AppData\Local\Tempzxpsign8159335585e1f507
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\Users\Kuba\AppData\Local\Tempzxpsign0234540b49d298ce
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\Program Files\Red Giant
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\Program Files\Common Files\OFX
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\Program Files (x86)\Red Giant
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\Program Files (x86)\LooksBuilder
2019-07-04 15:15 - 2017-01-30 10:10 - 064336384 _____ (Red Giant LLC) C:\WINDOWS\system32\MBLooks4UI_x64.dll
2019-07-04 15:15 - 2016-12-01 15:43 - 014733824 _____ C:\WINDOWS\system32\UniChooser.dll
2019-07-04 15:15 - 2016-12-01 15:43 - 013148672 _____ (Red Giant Software) C:\WINDOWS\system32\Gpu_Shader_Engine_x64.dll
2019-07-04 15:15 - 2016-12-01 15:43 - 005528064 _____ (Noesis Technologies) C:\WINDOWS\system32\Noesis.dll
2019-07-04 14:51 - 2019-07-04 14:55 - 000000000 ____D C:\Program Files (x86)\MachinerData
2019-07-04 14:51 - 2019-07-04 14:51 - 000003278 _____ C:\WINDOWS\System32\Tasks\Sk213Pl
2019-07-04 14:51 - 2019-07-04 14:51 - 000002638 _____ C:\WINDOWS\System32\Tasks\JSpPUlYEOjGQEpF
2019-07-04 14:51 - 2019-07-04 14:51 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\prunld2619
2019-07-04 14:50 - 2019-07-04 15:02 - 000000000 ____D C:\Users\Kuba\AppData\Local\Mail.Ru
2019-07-04 14:50 - 2019-07-04 14:50 - 000000000 ____D C:\ProgramData\Mail.Ru
2019-07-04 14:48 - 2019-07-04 15:12 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2019-07-04 14:48 - 2019-07-04 14:48 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\WarThunder
2019-07-04 14:31 - 2019-07-04 14:31 - 000000000 ____D C:\Users\Kuba\AppData\Local\Tempzxpsignfb0572792069154b
2019-07-04 14:31 - 2019-07-04 14:31 - 000000000 ____D C:\Users\Kuba\AppData\Local\Tempzxpsignd687d5b42e9a3f5f
2019-06-29 16:48 - 2019-06-29 16:48 - 000000000 ____D C:\Users\Kuba\Desktop\InfranPlugin
2019-06-27 15:58 - 2019-06-27 15:58 - 000000133 _____ C:\Users\Kuba\Desktop\dr.m.txt
2019-06-27 15:44 - 2019-06-27 15:44 - 000000904 _____ C:\Users\Kuba\Desktop\Start Tor Browser.lnk
2019-06-27 15:43 - 2019-06-27 15:44 - 000000000 ____D C:\Users\Kuba\Desktop\Tor Browser
2019-06-27 15:43 - 2019-06-27 15:43 - 057221488 _____ C:\Users\Kuba\Desktop\torbrowser-install-win64-8.5.3_en-US.exe
2019-06-24 16:52 - 2019-06-24 16:59 - 000000000 ____D C:\Users\Kuba\Desktop\Mrdací Kajuška
2019-06-21 09:42 - 2019-06-21 09:42 - 000000000 ____D C:\Users\Kuba\AppData\Local\Finkit
2019-06-21 09:41 - 2019-06-21 09:41 - 020297872 _____ C:\Users\Kuba\Desktop\ManicTime.exe
2019-06-21 09:41 - 2019-06-21 09:41 - 000002107 _____ C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ManicTime.lnk
2019-06-21 09:41 - 2019-06-21 09:41 - 000000000 ____D C:\Program Files (x86)\ManicTime
2019-06-21 07:54 - 2019-07-14 12:12 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-06-16 13:45 - 2019-06-16 13:45 - 000000000 ____D C:\Users\Kuba\AppData\Local\Tempzxpsign87120e1df626d94e
2019-06-16 13:45 - 2019-06-16 13:45 - 000000000 ____D C:\Users\Kuba\AppData\Local\Tempzxpsign4ceebf506a2e321c
2019-06-16 13:44 - 2019-06-16 13:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neat Video for Premiere
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-14 13:31 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-14 13:30 - 2018-05-16 08:31 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-14 13:30 - 2018-05-15 08:25 - 000715018 _____ C:\WINDOWS\system32\perfh005.dat
2019-07-14 13:30 - 2018-05-15 08:25 - 000144332 _____ C:\WINDOWS\system32\perfc005.dat
2019-07-14 13:30 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-07-14 13:30 - 2017-11-11 19:23 - 000000000 ____D C:\FRST
2019-07-14 13:30 - 2017-05-30 07:24 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\BitTorrent
2019-07-14 13:26 - 2017-07-12 09:10 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-14 13:25 - 2017-05-10 19:03 - 000000000 ____D C:\Users\Kuba\AppData\Local\VirtualStore
2019-07-14 13:24 - 2019-05-03 09:04 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-07-14 13:24 - 2018-10-09 13:50 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-07-14 13:24 - 2018-05-16 08:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-14 13:24 - 2017-05-10 19:59 - 000000000 ____D C:\Users\Kuba\AppData\LocalLow\Mozilla
2019-07-14 13:23 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-07-14 12:32 - 2017-05-15 13:34 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\Spotify
2019-07-14 12:31 - 2018-05-16 08:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-14 12:20 - 2017-05-15 13:34 - 000000000 ____D C:\Users\Kuba\AppData\Local\Spotify
2019-07-14 11:13 - 2017-11-19 00:14 - 000000000 ____D C:\Users\Kuba\AppData\Local\Packages
2019-07-13 13:49 - 2018-05-16 08:23 - 000000000 ____D C:\Users\Kuba
2019-07-12 22:02 - 2018-10-12 10:50 - 000000600 _____ C:\Users\Kuba\AppData\Local\PUTTY.RND
2019-07-12 22:02 - 2018-10-12 10:47 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\FileZilla
2019-07-12 22:01 - 2017-11-11 12:47 - 000000000 ____D C:\Users\Kuba\AppData\Local\CrashDumps
2019-07-12 21:59 - 2018-05-16 08:26 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3906236801-542463905-1627191007-1001
2019-07-12 21:59 - 2018-05-16 08:23 - 000002403 _____ C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-12 21:59 - 2017-05-10 19:05 - 000000000 ___RD C:\Users\Kuba\OneDrive
2019-07-12 00:28 - 2017-05-12 14:51 - 000000000 ____D C:\Users\Kuba\AppData\Local\ElevatedDiagnostics
2019-07-11 21:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-07-10 14:54 - 2018-05-16 08:26 - 000004586 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-07-10 14:54 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-07-10 14:54 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-07-04 14:51 - 2017-11-11 12:47 - 000000258 __RSH C:\ProgramData\ntuser.pol
2019-07-04 14:50 - 2015-07-10 13:04 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-07-03 11:09 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-06-30 08:24 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-28 10:27 - 2017-05-20 13:46 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\audacity
2019-06-27 15:44 - 2017-06-01 15:21 - 000000952 _____ C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2019-06-24 14:37 - 2018-01-31 14:37 - 000000000 ____D C:\Users\Kuba\Desktop\Nová složka
2019-06-21 17:21 - 2017-05-10 19:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-06-21 09:31 - 2018-11-17 10:42 - 000000000 ____D C:\Program Files\rempl
2019-06-19 18:34 - 2019-02-20 15:18 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-06-19 18:34 - 2019-02-20 15:18 - 000001028 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk
2019-06-19 08:53 - 2017-05-24 17:17 - 000000000 ____D C:\Program Files\UNP
2019-06-16 13:44 - 2019-05-05 17:00 - 000000000 ____D C:\Program Files\Neat Video for Premiere
2019-06-14 09:46 - 2017-05-16 17:04 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Files in the root of some directories ================
2019-03-07 12:09 - 2019-03-07 12:09 - 000000600 _____ () C:\Users\Kuba\AppData\Roaming\PUTTY.RND
2017-05-30 11:49 - 2018-04-22 17:59 - 000001480 _____ () C:\Users\Kuba\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2019-05-12 17:11 - 2019-05-14 10:44 - 000000081 _____ () C:\Users\Kuba\AppData\Local\FILM_AE_LogFile.txt
2017-11-11 12:47 - 2017-11-11 12:47 - 000140800 _____ () C:\Users\Kuba\AppData\Local\installer.dat
2018-09-27 16:20 - 2018-09-27 16:20 - 000000000 _____ () C:\Users\Kuba\AppData\Local\oobelibMkey.log
2018-10-12 10:50 - 2019-07-12 22:02 - 000000600 _____ () C:\Users\Kuba\AppData\Local\PUTTY.RND
2018-06-06 11:49 - 2018-06-06 11:49 - 000007626 _____ () C:\Users\Kuba\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-07-2019
Ran by Kuba (14-07-2019 13:32:19)
Running from C:\Users\Kuba\Desktop
Windows 10 Home Version 1803 17134.829 (X64) (2018-05-16 06:26:28)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3906236801-542463905-1627191007-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3906236801-542463905-1627191007-503 - Limited - Disabled)
Guest (S-1-5-21-3906236801-542463905-1627191007-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3906236801-542463905-1627191007-1004 - Limited - Enabled)
Kuba (S-1-5-21-3906236801-542463905-1627191007-1001 - Administrator - Enabled) => C:\Users\Kuba
WDAGUtilityAccount (S-1-5-21-3906236801-542463905-1627191007-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe After (HKLM\...\{6A915992-D887-4897-82F5-950EDD12DEB1}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_1_1) (Version: 15.1.1 - Adobe Systems Incorporated)
Adobe Audition CC 2018 (HKLM-x32\...\AUDT_11_1_1) (Version: 11.1.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2019 (HKLM-x32\...\DRWV_19_0) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_7_4) (Version: 7.4 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2018 (HKLM-x32\...\AME_12_1_1) (Version: 12.1.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_6) (Version: 19.1.6 - Adobe Systems Incorporated)
Adobe Premiere (HKLM\...\{C1CB876C-A08E-4692-B525-42848BD154D7}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_1_1) (Version: 12.1.1 - Adobe Systems Incorporated)
Aktualizace NVIDIA 35.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 35.0.0.0 - NVIDIA Corporation) Hidden
ApowerREC V1.3.3.8 (HKLM-x32\...\{6F2998B2-21F7-4CEF-94B2-C3919D939CF9}_is1) (Version: 1.3.3.8 - Apowersoft LIMITED)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Audition (HKLM\...\{52452272-9233-4A27-AA7A-E05C2E7A61BD}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
BitTorrent (HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\BitTorrent) (Version: 7.10.5.44995 - BitTorrent Inc.)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
C4700 (HKLM-x32\...\{299FCBE4-2869-4EE0-9143-28BDC2C585AC}) (Version: 140.0.851.000 - Hewlett-Packard) Hidden
DaVinci Resolve (HKLM\...\{AFB2735E-5364-4626-BB95-B7B8275B0AD1}) (Version: 15.3.1003 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{B1782967-E600-4BBD-B2F1-AEF3F2FE0A12}) (Version: 1.2.1.0 - Blackmagic Design)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 416.16 - NVIDIA Corporation) Hidden
encoder (HKLM\...\{816B3B8A-576A-4B1E-8C18-150BB3A9DD6C}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.58.64628 - Electronic Arts)
FileZilla Client 3.37.4 (HKLM-x32\...\FileZilla Client) (Version: 3.37.4 - Tim Kosse)
Flash Memory Toolkit trial 2.01 (HKLM-x32\...\Flash Memory Toolkit trial_is1) (Version: - EFD Software)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Grand Theft Auto V (HKLM-x32\...\Grand Theft Auto V_is1) (Version: - )
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{28981D56-C55A-4972-998F-823590FD43A2}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
ImageMagick 7.0.6-0 Q16 (64-bit) (2017-06-11) (HKLM\...\ImageMagick 7.0.6 Q16 (64-bit)_is1) (Version: 7.0.6 - ImageMagick Studio LLC)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Network Connections 21.1.29.0 (HKLM\...\PROSetDX) (Version: 21.1.29.0 - Intel)
IrfanView 4.52 (64-bit) (HKLM\...\IrfanView64) (Version: 4.52 - Irfan Skiljan)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
K-Lite Mega Codec Pack 13.1.6 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.1.6 - KLCP)
Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version: - Line 6)
Magic Bullet Suite v13.0.3 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 13.0.3 - Red Giant, LLC)
ManicTime (HKLM-x32\...\{3DC65CAD-FBF2-4E89-A404-99B59145FF5C}) (Version: 4.3.4.0 - Finkit d.o.o.)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 67.0.4 (x64 cs) (HKLM\...\Mozilla Firefox 67.0.4 (x64 cs)) (Version: 67.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: - Native Instruments)
Native Instruments Guitar Rig Session I/O (HKLM-x32\...\Native Instruments Guitar Rig Session I/O) (Version: - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments)
Neat Video for Premiere (HKLM\...\Neat Video for Premiere_is1) (Version: 3.5 - ABSoft)
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.306.000 - Hewlett-Packard) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.13 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.17.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.17.0.126 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 416.16 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.37.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.5 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 416.16 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 416.16 - NVIDIA Corporation) Hidden
Perfect Uninstaller v6.3.4.0 (HKLM\...\Perfect Uninstaller_is1) (Version: - www.PerfectUninstaller.com)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.0 - Power Software Ltd)
PS_AIO_06_C4700_SW_Min (HKLM-x32\...\{C31578B7-B86A-419F-96AC-C85458764B22}) (Version: 140.0.863.000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
QuickTransfer (HKLM-x32\...\{E517094C-06B6-419F-8FFD-EF4F57972130}) (Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7917 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Ripple Desktop Wallet (HKLM\...\{47FAE72F-1C26-43EE-BFB0-9B54A5BA387F}) (Version: 1.4.1 - Rippex)
Ruske / Ukrajinske foneticke klavesnice pro WIN 2000/XP 1.3 (HKLM\...\Ruska / Ukrajinska foneticka klavesnice_is1) (Version: 1.5 - )
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft)
Skype verze 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\Spotify) (Version: 1.1.10.540.gfcf0430f - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.3.4730 - TeamViewer)
Telegram Desktop version 1.4.3 (HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.4.3 - Telegram Messenger LLP)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update for Skype for Business 2015 (KB4464593) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5BDCA2BB-3BAD-4461-A3A7-35B526AC2039}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4464593) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5BDCA2BB-3BAD-4461-A3A7-35B526AC2039}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4464593) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{5BDCA2BB-3BAD-4461-A3A7-35B526AC2039}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4464593) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{5BDCA2BB-3BAD-4461-A3A7-35B526AC2039}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
VueScan x64 (HKLM\...\VueScan x64) (Version: - Hamrick Software)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Youtube Downloader HD v. 2.9.9.30 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)
Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.575.0_x64__v10z8vjag6ke6 [2019-06-28] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Průvodce pro telefon -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-14] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-16] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11723.0_x64__8wekyb3d8bbwe [2019-06-27] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3906236801-542463905-1627191007-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-B7D7B2F7532E} -> [Creative Cloud Files] => C:\Users\Kuba\Creative Cloud Files [2018-05-28 17:25]
CustomCLSID: HKU\S-1-5-21-3906236801-542463905-1627191007-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellExecuteHooks: No Name - {5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} - -> No File
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd) [File not signed]
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [Uninstall] -> {84058084-7609-44D1-B3CC-7A9436CB6D92} => C:\Program Files\Perfect Uninstaller\Contextmenu.dll [2011-11-02] (Guangxi Nanning Qiwang Co. Ltd. -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4-x32: [Uninstall] -> {84058084-7609-44D1-B3CC-7A9436CB6D92} => C:\Program Files\Perfect Uninstaller\Contextmenu.dll [2011-11-02] (Guangxi Nanning Qiwang Co. Ltd. -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd) [File not signed]
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2019-06-21 11:21 - 2019-06-21 11:21 - 000365568 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Interop.UIAeaff150a#\05ee64ff017c59d981bbdfa943c88605\Interop.UIAutomationClient.ni.dll
2019-03-11 14:32 - 2019-03-11 14:32 - 001316864 _____ () [File not signed] C:\Program Files (x86)\ManicTime\x64\sqlcipher.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 001561600 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Finkit.Mani1352a8e6#\43dc052eaf5252f3ff0a096dda551a5c\Finkit.ManicTime.Shared.XmlSerializers.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 000947712 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Irony\79f3855dae59dc23cabcf777e10d6153\Irony.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 013598720 _____ (.NET Foundation and Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Reactive\b48dd5210ae76cef58c9c3c28152e21d\System.Reactive.ni.dll
2017-06-05 18:31 - 2009-04-16 14:08 - 000248320 _____ (Access Denied) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\hpfpp70v.dll
2019-06-21 11:20 - 2019-06-21 11:20 - 001127424 _____ (Autofac) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Autofac\7acc613af3f4efa5dce24dbec9b323ae\Autofac.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 000163328 _____ (Dominick Baier;Brock Allen) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\IdentityMod705487aa#\a54ad7d542d428c677c8459f9db6143b\IdentityModel.OidcClient.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 002885120 _____ (Finkit d.o.o.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Finkit.Mani24616bc2#\4f06e799190c3e265d086f0980773e1b\Finkit.ManicTime.Common.ni.dll
2019-06-21 11:22 - 2019-06-21 11:22 - 001243136 _____ (Finkit d.o.o.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Finkit.Manic26b69e3#\d31e942853e092efe6ed4f7eb0525261\Finkit.ManicTime.Common.O.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 004182016 _____ (Finkit d.o.o.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Finkit.Manie9c9b897#\513a1eeea6c1df555d242ed448ac3371\Finkit.ManicTime.Tracker.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 001603072 _____ (Finkit d.o.o.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ManicTime.Cc04b5347#\c32fa773e545d048aa32333148626d21\ManicTime.Client.Tracker.Win.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 000065536 _____ (Finkit d.o.o.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ManicTime\051610c71fa164c0756ffdb7a95fbfd9\ManicTime.ni.exe
2019-06-21 11:21 - 2019-06-21 11:21 - 003743744 _____ (Finkit.ManicTime.Shared) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Finkit.Mani497a5306#\15608c329173e146bea916133407007d\Finkit.ManicTime.Shared.ni.dll
2011-04-29 19:08 - 2011-04-29 19:08 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2011-08-18 01:29 - 2011-08-18 01:29 - 001039360 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2016-08-24 16:54 - 2016-08-24 16:54 - 000352256 _____ (Intel(R) Corporation) [File not signed] C:\Windows\system32\NCS2Setp.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 001926144 _____ (ManicTime.Client) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ManicTime.Client\6f00d781eae1748734821c8b129ca3ee\ManicTime.Client.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 001376256 _____ (ManicTime.Client.Storage) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ManicTime.C043ae9f8#\7e8e2fdddd5469ccc6ed5219f3cf13fd\ManicTime.Client.Storage.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 001641984 _____ (ManicTime.Client.Tracker) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ManicTime.C107cfc19#\92e6bea85732ccba24a2eea68a76e70f\ManicTime.Client.Tracker.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 000761856 _____ (ManicTime.Client.Tracker.Storage) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ManicTime.C03e9988e#\1708519c56e3bd31e5d24c4bd66318d9\ManicTime.Client.Tracker.Storage.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 003833856 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\5a34fd43a5cc89566b6020a0e2286af8\Newtonsoft.Json.ni.dll
2017-10-24 04:39 - 2017-10-24 04:39 - 000441856 _____ (Power Software Ltd) [File not signed] C:\Program Files\PowerISO\PWRISOVM.EXE
2019-06-21 11:21 - 2019-06-21 11:21 - 011467776 _____ (Shared.Storage) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Shared.Storage\5dbfb47794c83050bc868d678d554896\Shared.Storage.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 001114112 _____ (Xamarin Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SkiaSharp\c608b4dbf18b75f999a81f7a7763aa8a\SkiaSharp.ni.dll
2019-06-21 11:22 - 2019-06-21 11:22 - 000233472 _____ (Zumero, LLC) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SQLitePCLRa3789e0c2#\62fa7b0c40f0d349de34cac4e4db1af4\SQLitePCLRaw.provider.sqlcipher.ni.dll
2019-06-21 11:22 - 2019-06-21 11:22 - 000011264 _____ (Zumero, LLC) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SQLitePCLRaf488fa76#\d7d8a8c3ad012e0c990347af91a2cca2\SQLitePCLRaw.batteries_v2.ni.dll
2019-06-21 11:22 - 2019-06-21 11:22 - 000193024 _____ (Zumero, LLC) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SQLitePCLRaw.core\80c6cce0b8ea581d067b2ef71b11ca51\SQLitePCLRaw.core.ni.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:8927A071 [382]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 13:04 - 2015-07-10 13:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ImageMagick-7.0.6-Q16;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-3906236801-542463905-1627191007-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 45.86.180.227 - 185.162.93.213
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\StartupApproved\Run: => "Spotify Web Helper"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{F5AB4BA7-09E2-4A75-B59D-02C7A765F27A}C:\users\kuba\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\kuba\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{A6047765-F3C0-4E17-B009-7DD79F225F4A}C:\users\kuba\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\kuba\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{50BFE750-DE0C-4E4D-9AD0-35FA2D62C01B}C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe (Adobe Systems Incorporated -> Adobe)
FirewallRules: [UDP Query User{3C62EA47-52CC-47E7-B9C4-DC3131BDA508}C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe (Adobe Systems Incorporated -> Adobe)
FirewallRules: [TCP Query User{D3707361-6BA4-49F0-B6C0-F19F88808E19}C:\users\kuba\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kuba\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{AF334917-2A36-4A17-8155-0949EA3411B7}C:\users\kuba\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kuba\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{ED1C42E8-47BE-4568-A745-6DE5131FB8BC}C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe] => (Block) C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe (Adobe Systems Incorporated -> Adobe)
FirewallRules: [UDP Query User{6F7E01E2-3698-4669-A4E2-9DB8A8446AEB}C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe] => (Block) C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe (Adobe Systems Incorporated -> Adobe)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
21-06-2019 09:30:48 Windows Update
30-06-2019 12:23:54 Scheduled Checkpoint
04-07-2019 15:20:37 Removed SafeMyWeb
12-07-2019 00:51:36 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/14/2019 01:25:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.
Error: (07/14/2019 01:24:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.
Error: (07/14/2019 01:24:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.
Error: (07/14/2019 01:15:34 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.
Error: (07/14/2019 11:47:58 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.
Error: (07/14/2019 11:47:57 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.
Error: (07/14/2019 11:08:13 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.
Error: (07/14/2019 11:08:12 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.
System errors:
=============
Error: (07/14/2019 01:26:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (07/14/2019 01:26:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby gupdate bylo dosaženo časového limitu (30000 ms).
Error: (07/14/2019 01:24:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\NETWORK SERVICE (SID: S-1-5-20) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (07/14/2019 01:24:01 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT AUTHORITY)
Description: Služba protokolování událostí zjistila při inicializaci publikačních prostředků chybu v kanálu Microsoft-RMS-MSIPC/Debug. V případě analytického nebo ladicího typu kanálu to může znamenat, že došlo také k chybě při inicializaci přihlašovacích prostředků.
Error: (07/14/2019 01:24:01 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT AUTHORITY)
Description: Služba protokolování událostí zjistila při inicializaci publikačních prostředků chybu v kanálu DebugChannel. V případě analytického nebo ladicího typu kanálu to může znamenat, že došlo také k chybě při inicializaci přihlašovacích prostředků.
Error: (07/14/2019 01:23:32 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-55V176A)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/14/2019 01:23:32 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-55V176A)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/14/2019 01:23:32 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-55V176A)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
===================================
Date: 2019-07-14 13:04:20.691
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {905044F8-B922-4B86-8D6B-2C125F90DB2C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-55V176A\Kuba
Date: 2019-07-05 00:45:46.638
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {315E8E5A-B1A1-4BC0-B3B6-FA1A11F29F90}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-07-04 15:24:31.796
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: High
Kategorie: Tool
Cesta: containerfile:_D:\Stažené soubory\Guitar Pro 6.0.9 + Newest Soundtracks.rar; file:_D:\Stažené soubory\Guitar Pro 6.0.9 + Newest Soundtracks.rar->Guitar Pro 6.0.9\Step 2 - Keygen\Keygen.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Uživatel
Uživatel: DESKTOP-55V176A\Kuba
Název procesu: Unknown
Verze podpisu: AV: 1.297.421.0, AS: 1.297.421.0, NIS: 1.297.421.0
Verze modulu: AM: 1.1.16100.4, NIS: 1.1.16100.4
Date: 2019-07-04 15:23:13.225
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {AF3B60D2-1E5A-4702-B301-5BF1BEC89C12}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: DESKTOP-55V176A\Kuba
Date: 2019-07-04 15:23:13.225
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: High
Kategorie: Tool
Cesta: file:_D:\Stažené soubory\Guitar Pro 6.0.9 + Newest Soundtracks.rar->Guitar Pro 6.0.9\Step 2 - Keygen\Keygen.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Uživatel
Uživatel: DESKTOP-55V176A\Kuba
Název procesu: Unknown
Verze podpisu: AV: 1.297.353.0, AS: 1.297.353.0, NIS: 1.297.353.0
Verze modulu: AM: 1.1.16100.4, NIS: 1.1.16100.4
Date: 2019-07-14 13:27:19.334
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.421.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80072ee7
Popis chyby :The server name or address could not be resolved
Date: 2019-07-14 13:27:19.334
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.421.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80072ee7
Popis chyby :The server name or address could not be resolved
Date: 2019-07-14 13:27:19.334
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.421.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80072ee7
Popis chyby :The server name or address could not be resolved
Date: 2019-07-14 13:27:19.330
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.421.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80072ee7
Popis chyby :The server name or address could not be resolved
Date: 2019-07-14 13:27:19.329
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.421.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80072ee7
Popis chyby :The server name or address could not be resolved
CodeIntegrity:
===================================
Date: 2019-07-14 13:24:01.003
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.
Date: 2019-07-14 11:47:50.775
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.
Date: 2019-07-14 11:08:07.608
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.
Date: 2019-07-11 21:04:06.923
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.
Date: 2019-07-11 20:57:42.635
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.
Date: 2019-07-10 14:51:27.120
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.
Date: 2019-07-04 15:56:54.247
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.
Date: 2019-07-04 14:57:03.752
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. P1.10 11/14/2016
Motherboard: ASRock Z270M Pro4
Processor: Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
Percentage of memory in use: 17%
Total physical RAM: 32732.52 MB
Available physical RAM: 26844.24 MB
Total Virtual: 37596.52 MB
Available Virtual: 29148.91 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:237.92 GB) (Free:86.53 GB) NTFS
Drive d: () (Fixed) (Total:931.5 GB) (Free:194.43 GB) NTFS
\\?\Volume{5670ee53-7474-4e3f-b72d-70bb7fb6bd39}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{ffac9eed-4bc7-4652-963a-64d5ea51b640}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-07-2019
Ran by Kuba (administrator) on DESKTOP-55V176A (14-07-2019 13:30:33)
Running from C:\Users\Kuba\Desktop
Loaded Profiles: Kuba (Available Profiles: Kuba)
Platform: Windows 10 Home Version 1803 17134.829 (X64) Language: Angličtina (Spojené státy)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Kuba\AppData\Roaming\BitTorrent\BitTorrent.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Kuba\AppData\Roaming\BitTorrent\updates\7.10.5_44995\bittorrentie.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Kuba\AppData\Roaming\BitTorrent\updates\7.10.5_44995\bittorrentie.exe
(Finkit d.o.o. -> Finkit d.o.o.) C:\Program Files (x86)\ManicTime\ManicTime.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel(R) Network Platform Group -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Power Software Ltd) [File not signed] C:\Program Files\PowerISO\PWRISOVM.EXE
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16697352 2016-08-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [441856 2017-10-24] (Power Software Ltd) [File not signed]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\Run: [ManicTimeC34F57B2DA6E6758] => C:\Program Files (x86)\ManicTime\ManicTime.exe [63672 2019-06-17] (Finkit d.o.o. -> Finkit d.o.o.)
HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\MountPoints2: E - "E:\OriginSetup.exe"
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3642880 2016-05-08] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [309248 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3613696 2016-05-08] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\SysWOW64\xvidvfw.dll [282112 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2017-06-05]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1782044C-C742-4E1A-BC3F-DB3A132D6600} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {238DD95B-8D45-49EA-AD2E-BBA9A1F29FB3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {284BFDD5-7FA5-497C-9C97-4C5CDDB3A6FB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [702856 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3516C0D6-EEFD-4406-B42E-54949B379BE8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {5104CD04-F9D4-4F57-9B6B-AE8EC0728068} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-07] (Google Inc -> Google Inc.)
"C:\Windows\System32\Tasks\JSpPUlYEOjGQEpF" was unlocked. <==== ATTENTION
Task: {56EFE5B7-5C4A-4403-AF42-6304B13978D3} - System32\Tasks\JSpPUlYEOjGQEpF => rundll32 "C:\Program Files (x86)\rZdaClXBU\LsmDMy.dll",#1
Task: {57560BA3-C38A-4A1B-80C8-814D2BF58599} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-10] (Adobe Inc. -> Adobe)
Task: {67DA840C-4267-4FC8-B936-74E5F36E6686} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {6AA1EDCB-2767-4884-A595-B32A0D9033CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-07] (Google Inc -> Google Inc.)
Task: {6B202AE3-8316-4BEC-989B-E2C0B834802A} - System32\Tasks\Sk213Pl => C:\Users\Kuba\AppData\Roaming\prunld2619\he66988.exe [1387878 2019-07-04] ( ) [File not signed]
Task: {71CC0078-71F7-4DCF-AA10-20C7F7FE8D26} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {88405D1B-7C37-4D6E-A748-BF5F1F922196} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3724680 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {891E48C2-31EB-414E-A51D-B7E1797D0E06} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9795EE8A-72D7-496A-AA15-6A845C99638F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [572808 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9F7D1304-DBD5-4CA1-9690-C82FDE79763F} - System32\Tasks\{6BE2D576-CC33-4325-8D05-A810F469BAA3} => "c:\program files\mozilla firefox\firefox.exe" hxxps://www.skype.com/go/downloading?source=lig ... rror=12002
Task: {B63C38CE-60D1-493F-9E88-5F38DC45E094} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BBE30F16-7E68-43F8-9A03-29592B2D1407} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-55V176A-Kuba => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {BCED478B-29F2-4E77-9EF3-17BE4A6F9DB8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BF4AC2EB-77F6-40A6-97B7-26047A88705A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C168FFF2-9E7C-4F56-B144-CFA6782DADDE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {CD4A2399-557C-4346-A1A3-F73873CCC639} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-10] (Adobe Inc. -> Adobe)
Task: {D1DD627A-8E88-4FFF-AC36-5F4E769953A3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D32E4CC6-ED29-452F-BF57-03BCB2B621E3} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D392619F-7F16-4550-B45B-2F85ACA4BD32} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E25A968A-A18C-4F93-A271-636EBE002897} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3629324-793B-43ED-8117-D132778E0EE8} - System32\Tasks\{0046C361-ECFF-4833-98B5-885FE9C45E90} => "c:\program files\mozilla firefox\firefox.exe" hxxps://www.skype.com/go/downloading?source=lig ... tError=404
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{5f3f0318-8a6f-416f-af53-f72ca4578cfb}: [NameServer] 45.86.180.227,185.162.93.213,185.4.65.4,116.203.6.218,185.130.104.222,185.4.64.13
Tcpip\..\Interfaces\{5f3f0318-8a6f-416f-af53-f72ca4578cfb}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Internet Explorer:
==================
HKU\S-1-5-21-3906236801-542463905-1627191007-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mail.ru/cnt/10445?gp=834423
SearchScopes: HKU\S-1-5-21-3906236801-542463905-1627191007-1001 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxps://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7BA224F9EF-1CCD-404F-81D0-DFB48F187956%7D&gp=811610
SearchScopes: HKU\S-1-5-21-3906236801-542463905-1627191007-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxps://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7BA224F9EF-1CCD-404F-81D0-DFB48F187956%7D&gp=811610
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-20] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/CZ/Core/Player/2020PlayerAX_IKEA_Win32.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2018-03-14] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: d8q5u490.default
FF ProfilePath: C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\d8q5u490.default [2019-07-14]
FF user.js: detected! => C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\d8q5u490.default\user.js [2019-07-10]
FF NewTabOverride: Mozilla\Firefox\Profiles\d8q5u490.default -> Enabled: {a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
FF Extension: (Google Translator for Firefox) - C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\d8q5u490.default\Extensions\translator@zoli.bod.xpi [2018-12-03]
FF Extension: (Mozilla Official) - C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\d8q5u490.default\Extensions\{14553439-2741-4e9d-b474-784f336f58c9} [2019-07-04] [not signed]
FF Extension: (No Name) - C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\d8q5u490.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-20]
FF Extension: (No Name) - C:\Program Files\Mozilla Firefox\browser\features\{E55C9A17-39B3-4F0A-9546-2E85FE620BE8}.xpi [2019-07-04] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-10] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-10] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR HomePage: Default -> inline.go.mail.ru
CHR StartupUrls: Default -> "hxxps://mail.ru/cnt/10445?gp=811610"
CHR NewTab: Default -> Active:"chrome-extension://beliehdniadoecbonbhlcgbdldccfigp/visual-bookmarks.html"
CHR DefaultSearchURL: Default -> hxxps://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B0CFACCC3-E582-425E-A0F2-21CE0194C35F%7D&gp=811610
CHR DefaultSearchKeyword: Default -> go.mail.ru
CHR DefaultSuggestURL: Default -> hxxps://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Profile: C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default [2019-07-04]
CHR Extension: (Prezentace) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-06]
CHR Extension: (Dokumenty) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-06]
CHR Extension: (Disk Google) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-06]
CHR Extension: (Пульс) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\beliehdniadoecbonbhlcgbdldccfigp [2019-07-04]
CHR Extension: (YouTube) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-06]
CHR Extension: (Adobe Acrobat) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-01-06]
CHR Extension: (Tabulky) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-06]
CHR Extension: (Adblocker pro Youtube™) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffpfiaecfobeadhikddakkmaapliokib [2019-07-04] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Dokumenty Google offline) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-01]
CHR Extension: (Mail.Ru) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\iepoegkaoeljnbhagabakjodgpfniimo [2019-07-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-21]
CHR Extension: (Gmail) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-06]
CHR Extension: (Chrome Media Router) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-01]
CHR HKLM-x32\...\Chrome\Extension: [beliehdniadoecbonbhlcgbdldccfigp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iepoegkaoeljnbhagabakjodgpfniimo] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11814232 2019-06-05] (TeamViewer GmbH -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\NisSrv.exe [2433136 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe [109896 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsrAppCharger; C:\WINDOWS\system32\DRIVERS\AsrAppCharger.sys [17192 2011-11-07] (ASROCK Incorporation -> Windows (R) Win 7 DDK provider)
R3 L6TPortA; C:\WINDOWS\System32\Drivers\L6TPortA64.sys [777728 2015-08-21] (Line 6 -> Line 6)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_54bd1f10ac116cd5\nvlddmkm.sys [20605496 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-01-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [452008 2019-04-07] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [337632 2019-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-06-05] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-14 13:30 - 2019-07-14 13:31 - 000029370 _____ C:\Users\Kuba\Desktop\FRST.txt
2019-07-14 13:29 - 2019-07-14 13:29 - 002095104 _____ (Farbar) C:\Users\Kuba\Desktop\FRST64.exe
2019-07-14 13:25 - 2019-07-14 13:25 - 000388608 _____ (Trend Micro Inc.) C:\Users\Kuba\Desktop\hijackthis.exe
2019-07-14 13:15 - 2019-07-14 13:15 - 004260984 _____ (ESET) C:\Users\Kuba\Desktop\A431714_eset_nod32_antivirus_live_installer.exe
2019-07-14 11:48 - 2019-07-14 13:24 - 000000000 ____D C:\Users\Kuba\AppData\LocalLow\BitTorrent
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\Users\Kuba\AppData\Local\Tempzxpsign8159335585e1f507
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\Users\Kuba\AppData\Local\Tempzxpsign0234540b49d298ce
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\Program Files\Red Giant
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\Program Files\Common Files\OFX
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\Program Files (x86)\Red Giant
2019-07-04 15:15 - 2019-07-04 15:15 - 000000000 ____D C:\Program Files (x86)\LooksBuilder
2019-07-04 15:15 - 2017-01-30 10:10 - 064336384 _____ (Red Giant LLC) C:\WINDOWS\system32\MBLooks4UI_x64.dll
2019-07-04 15:15 - 2016-12-01 15:43 - 014733824 _____ C:\WINDOWS\system32\UniChooser.dll
2019-07-04 15:15 - 2016-12-01 15:43 - 013148672 _____ (Red Giant Software) C:\WINDOWS\system32\Gpu_Shader_Engine_x64.dll
2019-07-04 15:15 - 2016-12-01 15:43 - 005528064 _____ (Noesis Technologies) C:\WINDOWS\system32\Noesis.dll
2019-07-04 14:51 - 2019-07-04 14:55 - 000000000 ____D C:\Program Files (x86)\MachinerData
2019-07-04 14:51 - 2019-07-04 14:51 - 000003278 _____ C:\WINDOWS\System32\Tasks\Sk213Pl
2019-07-04 14:51 - 2019-07-04 14:51 - 000002638 _____ C:\WINDOWS\System32\Tasks\JSpPUlYEOjGQEpF
2019-07-04 14:51 - 2019-07-04 14:51 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\prunld2619
2019-07-04 14:50 - 2019-07-04 15:02 - 000000000 ____D C:\Users\Kuba\AppData\Local\Mail.Ru
2019-07-04 14:50 - 2019-07-04 14:50 - 000000000 ____D C:\ProgramData\Mail.Ru
2019-07-04 14:48 - 2019-07-04 15:12 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2019-07-04 14:48 - 2019-07-04 14:48 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\WarThunder
2019-07-04 14:31 - 2019-07-04 14:31 - 000000000 ____D C:\Users\Kuba\AppData\Local\Tempzxpsignfb0572792069154b
2019-07-04 14:31 - 2019-07-04 14:31 - 000000000 ____D C:\Users\Kuba\AppData\Local\Tempzxpsignd687d5b42e9a3f5f
2019-06-29 16:48 - 2019-06-29 16:48 - 000000000 ____D C:\Users\Kuba\Desktop\InfranPlugin
2019-06-27 15:58 - 2019-06-27 15:58 - 000000133 _____ C:\Users\Kuba\Desktop\dr.m.txt
2019-06-27 15:44 - 2019-06-27 15:44 - 000000904 _____ C:\Users\Kuba\Desktop\Start Tor Browser.lnk
2019-06-27 15:43 - 2019-06-27 15:44 - 000000000 ____D C:\Users\Kuba\Desktop\Tor Browser
2019-06-27 15:43 - 2019-06-27 15:43 - 057221488 _____ C:\Users\Kuba\Desktop\torbrowser-install-win64-8.5.3_en-US.exe
2019-06-24 16:52 - 2019-06-24 16:59 - 000000000 ____D C:\Users\Kuba\Desktop\Mrdací Kajuška
2019-06-21 09:42 - 2019-06-21 09:42 - 000000000 ____D C:\Users\Kuba\AppData\Local\Finkit
2019-06-21 09:41 - 2019-06-21 09:41 - 020297872 _____ C:\Users\Kuba\Desktop\ManicTime.exe
2019-06-21 09:41 - 2019-06-21 09:41 - 000002107 _____ C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ManicTime.lnk
2019-06-21 09:41 - 2019-06-21 09:41 - 000000000 ____D C:\Program Files (x86)\ManicTime
2019-06-21 07:54 - 2019-07-14 12:12 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-06-16 13:45 - 2019-06-16 13:45 - 000000000 ____D C:\Users\Kuba\AppData\Local\Tempzxpsign87120e1df626d94e
2019-06-16 13:45 - 2019-06-16 13:45 - 000000000 ____D C:\Users\Kuba\AppData\Local\Tempzxpsign4ceebf506a2e321c
2019-06-16 13:44 - 2019-06-16 13:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neat Video for Premiere
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-14 13:31 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-14 13:30 - 2018-05-16 08:31 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-14 13:30 - 2018-05-15 08:25 - 000715018 _____ C:\WINDOWS\system32\perfh005.dat
2019-07-14 13:30 - 2018-05-15 08:25 - 000144332 _____ C:\WINDOWS\system32\perfc005.dat
2019-07-14 13:30 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-07-14 13:30 - 2017-11-11 19:23 - 000000000 ____D C:\FRST
2019-07-14 13:30 - 2017-05-30 07:24 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\BitTorrent
2019-07-14 13:26 - 2017-07-12 09:10 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-14 13:25 - 2017-05-10 19:03 - 000000000 ____D C:\Users\Kuba\AppData\Local\VirtualStore
2019-07-14 13:24 - 2019-05-03 09:04 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-07-14 13:24 - 2018-10-09 13:50 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-07-14 13:24 - 2018-05-16 08:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-14 13:24 - 2017-05-10 19:59 - 000000000 ____D C:\Users\Kuba\AppData\LocalLow\Mozilla
2019-07-14 13:23 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-07-14 12:32 - 2017-05-15 13:34 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\Spotify
2019-07-14 12:31 - 2018-05-16 08:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-14 12:20 - 2017-05-15 13:34 - 000000000 ____D C:\Users\Kuba\AppData\Local\Spotify
2019-07-14 11:13 - 2017-11-19 00:14 - 000000000 ____D C:\Users\Kuba\AppData\Local\Packages
2019-07-13 13:49 - 2018-05-16 08:23 - 000000000 ____D C:\Users\Kuba
2019-07-12 22:02 - 2018-10-12 10:50 - 000000600 _____ C:\Users\Kuba\AppData\Local\PUTTY.RND
2019-07-12 22:02 - 2018-10-12 10:47 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\FileZilla
2019-07-12 22:01 - 2017-11-11 12:47 - 000000000 ____D C:\Users\Kuba\AppData\Local\CrashDumps
2019-07-12 21:59 - 2018-05-16 08:26 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3906236801-542463905-1627191007-1001
2019-07-12 21:59 - 2018-05-16 08:23 - 000002403 _____ C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-12 21:59 - 2017-05-10 19:05 - 000000000 ___RD C:\Users\Kuba\OneDrive
2019-07-12 00:28 - 2017-05-12 14:51 - 000000000 ____D C:\Users\Kuba\AppData\Local\ElevatedDiagnostics
2019-07-11 21:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-07-10 14:54 - 2018-05-16 08:26 - 000004586 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-07-10 14:54 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-07-10 14:54 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-07-04 14:51 - 2017-11-11 12:47 - 000000258 __RSH C:\ProgramData\ntuser.pol
2019-07-04 14:50 - 2015-07-10 13:04 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-07-03 11:09 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-06-30 08:24 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-28 10:27 - 2017-05-20 13:46 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\audacity
2019-06-27 15:44 - 2017-06-01 15:21 - 000000952 _____ C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2019-06-24 14:37 - 2018-01-31 14:37 - 000000000 ____D C:\Users\Kuba\Desktop\Nová složka
2019-06-21 17:21 - 2017-05-10 19:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-06-21 09:31 - 2018-11-17 10:42 - 000000000 ____D C:\Program Files\rempl
2019-06-19 18:34 - 2019-02-20 15:18 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-06-19 18:34 - 2019-02-20 15:18 - 000001028 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk
2019-06-19 08:53 - 2017-05-24 17:17 - 000000000 ____D C:\Program Files\UNP
2019-06-16 13:44 - 2019-05-05 17:00 - 000000000 ____D C:\Program Files\Neat Video for Premiere
2019-06-14 09:46 - 2017-05-16 17:04 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Files in the root of some directories ================
2019-03-07 12:09 - 2019-03-07 12:09 - 000000600 _____ () C:\Users\Kuba\AppData\Roaming\PUTTY.RND
2017-05-30 11:49 - 2018-04-22 17:59 - 000001480 _____ () C:\Users\Kuba\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2019-05-12 17:11 - 2019-05-14 10:44 - 000000081 _____ () C:\Users\Kuba\AppData\Local\FILM_AE_LogFile.txt
2017-11-11 12:47 - 2017-11-11 12:47 - 000140800 _____ () C:\Users\Kuba\AppData\Local\installer.dat
2018-09-27 16:20 - 2018-09-27 16:20 - 000000000 _____ () C:\Users\Kuba\AppData\Local\oobelibMkey.log
2018-10-12 10:50 - 2019-07-12 22:02 - 000000600 _____ () C:\Users\Kuba\AppData\Local\PUTTY.RND
2018-06-06 11:49 - 2018-06-06 11:49 - 000007626 _____ () C:\Users\Kuba\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-07-2019
Ran by Kuba (14-07-2019 13:32:19)
Running from C:\Users\Kuba\Desktop
Windows 10 Home Version 1803 17134.829 (X64) (2018-05-16 06:26:28)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3906236801-542463905-1627191007-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3906236801-542463905-1627191007-503 - Limited - Disabled)
Guest (S-1-5-21-3906236801-542463905-1627191007-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3906236801-542463905-1627191007-1004 - Limited - Enabled)
Kuba (S-1-5-21-3906236801-542463905-1627191007-1001 - Administrator - Enabled) => C:\Users\Kuba
WDAGUtilityAccount (S-1-5-21-3906236801-542463905-1627191007-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe After (HKLM\...\{6A915992-D887-4897-82F5-950EDD12DEB1}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_1_1) (Version: 15.1.1 - Adobe Systems Incorporated)
Adobe Audition CC 2018 (HKLM-x32\...\AUDT_11_1_1) (Version: 11.1.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2019 (HKLM-x32\...\DRWV_19_0) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_7_4) (Version: 7.4 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2018 (HKLM-x32\...\AME_12_1_1) (Version: 12.1.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_6) (Version: 19.1.6 - Adobe Systems Incorporated)
Adobe Premiere (HKLM\...\{C1CB876C-A08E-4692-B525-42848BD154D7}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_1_1) (Version: 12.1.1 - Adobe Systems Incorporated)
Aktualizace NVIDIA 35.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 35.0.0.0 - NVIDIA Corporation) Hidden
ApowerREC V1.3.3.8 (HKLM-x32\...\{6F2998B2-21F7-4CEF-94B2-C3919D939CF9}_is1) (Version: 1.3.3.8 - Apowersoft LIMITED)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Audition (HKLM\...\{52452272-9233-4A27-AA7A-E05C2E7A61BD}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
BitTorrent (HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\BitTorrent) (Version: 7.10.5.44995 - BitTorrent Inc.)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
C4700 (HKLM-x32\...\{299FCBE4-2869-4EE0-9143-28BDC2C585AC}) (Version: 140.0.851.000 - Hewlett-Packard) Hidden
DaVinci Resolve (HKLM\...\{AFB2735E-5364-4626-BB95-B7B8275B0AD1}) (Version: 15.3.1003 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{B1782967-E600-4BBD-B2F1-AEF3F2FE0A12}) (Version: 1.2.1.0 - Blackmagic Design)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 416.16 - NVIDIA Corporation) Hidden
encoder (HKLM\...\{816B3B8A-576A-4B1E-8C18-150BB3A9DD6C}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.58.64628 - Electronic Arts)
FileZilla Client 3.37.4 (HKLM-x32\...\FileZilla Client) (Version: 3.37.4 - Tim Kosse)
Flash Memory Toolkit trial 2.01 (HKLM-x32\...\Flash Memory Toolkit trial_is1) (Version: - EFD Software)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Grand Theft Auto V (HKLM-x32\...\Grand Theft Auto V_is1) (Version: - )
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{28981D56-C55A-4972-998F-823590FD43A2}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
ImageMagick 7.0.6-0 Q16 (64-bit) (2017-06-11) (HKLM\...\ImageMagick 7.0.6 Q16 (64-bit)_is1) (Version: 7.0.6 - ImageMagick Studio LLC)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Network Connections 21.1.29.0 (HKLM\...\PROSetDX) (Version: 21.1.29.0 - Intel)
IrfanView 4.52 (64-bit) (HKLM\...\IrfanView64) (Version: 4.52 - Irfan Skiljan)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
K-Lite Mega Codec Pack 13.1.6 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.1.6 - KLCP)
Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version: - Line 6)
Magic Bullet Suite v13.0.3 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 13.0.3 - Red Giant, LLC)
ManicTime (HKLM-x32\...\{3DC65CAD-FBF2-4E89-A404-99B59145FF5C}) (Version: 4.3.4.0 - Finkit d.o.o.)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 67.0.4 (x64 cs) (HKLM\...\Mozilla Firefox 67.0.4 (x64 cs)) (Version: 67.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: - Native Instruments)
Native Instruments Guitar Rig Session I/O (HKLM-x32\...\Native Instruments Guitar Rig Session I/O) (Version: - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments)
Neat Video for Premiere (HKLM\...\Neat Video for Premiere_is1) (Version: 3.5 - ABSoft)
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.306.000 - Hewlett-Packard) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.13 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.17.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.17.0.126 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 416.16 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.37.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.5 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 416.16 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 416.16 - NVIDIA Corporation) Hidden
Perfect Uninstaller v6.3.4.0 (HKLM\...\Perfect Uninstaller_is1) (Version: - www.PerfectUninstaller.com)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.0 - Power Software Ltd)
PS_AIO_06_C4700_SW_Min (HKLM-x32\...\{C31578B7-B86A-419F-96AC-C85458764B22}) (Version: 140.0.863.000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
QuickTransfer (HKLM-x32\...\{E517094C-06B6-419F-8FFD-EF4F57972130}) (Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7917 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Ripple Desktop Wallet (HKLM\...\{47FAE72F-1C26-43EE-BFB0-9B54A5BA387F}) (Version: 1.4.1 - Rippex)
Ruske / Ukrajinske foneticke klavesnice pro WIN 2000/XP 1.3 (HKLM\...\Ruska / Ukrajinska foneticka klavesnice_is1) (Version: 1.5 - )
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft)
Skype verze 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\Spotify) (Version: 1.1.10.540.gfcf0430f - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.3.4730 - TeamViewer)
Telegram Desktop version 1.4.3 (HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.4.3 - Telegram Messenger LLP)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update for Skype for Business 2015 (KB4464593) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5BDCA2BB-3BAD-4461-A3A7-35B526AC2039}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4464593) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5BDCA2BB-3BAD-4461-A3A7-35B526AC2039}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4464593) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{5BDCA2BB-3BAD-4461-A3A7-35B526AC2039}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4464593) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{5BDCA2BB-3BAD-4461-A3A7-35B526AC2039}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
VueScan x64 (HKLM\...\VueScan x64) (Version: - Hamrick Software)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Youtube Downloader HD v. 2.9.9.30 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)
Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.575.0_x64__v10z8vjag6ke6 [2019-06-28] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Průvodce pro telefon -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-14] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-16] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11723.0_x64__8wekyb3d8bbwe [2019-06-27] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3906236801-542463905-1627191007-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-B7D7B2F7532E} -> [Creative Cloud Files] => C:\Users\Kuba\Creative Cloud Files [2018-05-28 17:25]
CustomCLSID: HKU\S-1-5-21-3906236801-542463905-1627191007-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellExecuteHooks: No Name - {5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} - -> No File
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd) [File not signed]
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [Uninstall] -> {84058084-7609-44D1-B3CC-7A9436CB6D92} => C:\Program Files\Perfect Uninstaller\Contextmenu.dll [2011-11-02] (Guangxi Nanning Qiwang Co. Ltd. -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4-x32: [Uninstall] -> {84058084-7609-44D1-B3CC-7A9436CB6D92} => C:\Program Files\Perfect Uninstaller\Contextmenu.dll [2011-11-02] (Guangxi Nanning Qiwang Co. Ltd. -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd) [File not signed]
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2019-06-21 11:21 - 2019-06-21 11:21 - 000365568 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Interop.UIAeaff150a#\05ee64ff017c59d981bbdfa943c88605\Interop.UIAutomationClient.ni.dll
2019-03-11 14:32 - 2019-03-11 14:32 - 001316864 _____ () [File not signed] C:\Program Files (x86)\ManicTime\x64\sqlcipher.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 001561600 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Finkit.Mani1352a8e6#\43dc052eaf5252f3ff0a096dda551a5c\Finkit.ManicTime.Shared.XmlSerializers.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 000947712 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Irony\79f3855dae59dc23cabcf777e10d6153\Irony.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 013598720 _____ (.NET Foundation and Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Reactive\b48dd5210ae76cef58c9c3c28152e21d\System.Reactive.ni.dll
2017-06-05 18:31 - 2009-04-16 14:08 - 000248320 _____ (Access Denied) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\hpfpp70v.dll
2019-06-21 11:20 - 2019-06-21 11:20 - 001127424 _____ (Autofac) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Autofac\7acc613af3f4efa5dce24dbec9b323ae\Autofac.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 000163328 _____ (Dominick Baier;Brock Allen) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\IdentityMod705487aa#\a54ad7d542d428c677c8459f9db6143b\IdentityModel.OidcClient.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 002885120 _____ (Finkit d.o.o.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Finkit.Mani24616bc2#\4f06e799190c3e265d086f0980773e1b\Finkit.ManicTime.Common.ni.dll
2019-06-21 11:22 - 2019-06-21 11:22 - 001243136 _____ (Finkit d.o.o.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Finkit.Manic26b69e3#\d31e942853e092efe6ed4f7eb0525261\Finkit.ManicTime.Common.O.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 004182016 _____ (Finkit d.o.o.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Finkit.Manie9c9b897#\513a1eeea6c1df555d242ed448ac3371\Finkit.ManicTime.Tracker.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 001603072 _____ (Finkit d.o.o.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ManicTime.Cc04b5347#\c32fa773e545d048aa32333148626d21\ManicTime.Client.Tracker.Win.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 000065536 _____ (Finkit d.o.o.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ManicTime\051610c71fa164c0756ffdb7a95fbfd9\ManicTime.ni.exe
2019-06-21 11:21 - 2019-06-21 11:21 - 003743744 _____ (Finkit.ManicTime.Shared) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Finkit.Mani497a5306#\15608c329173e146bea916133407007d\Finkit.ManicTime.Shared.ni.dll
2011-04-29 19:08 - 2011-04-29 19:08 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2011-08-18 01:29 - 2011-08-18 01:29 - 001039360 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2016-08-24 16:54 - 2016-08-24 16:54 - 000352256 _____ (Intel(R) Corporation) [File not signed] C:\Windows\system32\NCS2Setp.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 001926144 _____ (ManicTime.Client) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ManicTime.Client\6f00d781eae1748734821c8b129ca3ee\ManicTime.Client.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 001376256 _____ (ManicTime.Client.Storage) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ManicTime.C043ae9f8#\7e8e2fdddd5469ccc6ed5219f3cf13fd\ManicTime.Client.Storage.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 001641984 _____ (ManicTime.Client.Tracker) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ManicTime.C107cfc19#\92e6bea85732ccba24a2eea68a76e70f\ManicTime.Client.Tracker.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 000761856 _____ (ManicTime.Client.Tracker.Storage) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ManicTime.C03e9988e#\1708519c56e3bd31e5d24c4bd66318d9\ManicTime.Client.Tracker.Storage.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 003833856 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\5a34fd43a5cc89566b6020a0e2286af8\Newtonsoft.Json.ni.dll
2017-10-24 04:39 - 2017-10-24 04:39 - 000441856 _____ (Power Software Ltd) [File not signed] C:\Program Files\PowerISO\PWRISOVM.EXE
2019-06-21 11:21 - 2019-06-21 11:21 - 011467776 _____ (Shared.Storage) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Shared.Storage\5dbfb47794c83050bc868d678d554896\Shared.Storage.ni.dll
2019-06-21 11:21 - 2019-06-21 11:21 - 001114112 _____ (Xamarin Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SkiaSharp\c608b4dbf18b75f999a81f7a7763aa8a\SkiaSharp.ni.dll
2019-06-21 11:22 - 2019-06-21 11:22 - 000233472 _____ (Zumero, LLC) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SQLitePCLRa3789e0c2#\62fa7b0c40f0d349de34cac4e4db1af4\SQLitePCLRaw.provider.sqlcipher.ni.dll
2019-06-21 11:22 - 2019-06-21 11:22 - 000011264 _____ (Zumero, LLC) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SQLitePCLRaf488fa76#\d7d8a8c3ad012e0c990347af91a2cca2\SQLitePCLRaw.batteries_v2.ni.dll
2019-06-21 11:22 - 2019-06-21 11:22 - 000193024 _____ (Zumero, LLC) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SQLitePCLRaw.core\80c6cce0b8ea581d067b2ef71b11ca51\SQLitePCLRaw.core.ni.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:8927A071 [382]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 13:04 - 2015-07-10 13:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\ImageMagick-7.0.6-Q16;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-3906236801-542463905-1627191007-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 45.86.180.227 - 185.162.93.213
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3906236801-542463905-1627191007-1001\...\StartupApproved\Run: => "Spotify Web Helper"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{F5AB4BA7-09E2-4A75-B59D-02C7A765F27A}C:\users\kuba\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\kuba\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{A6047765-F3C0-4E17-B009-7DD79F225F4A}C:\users\kuba\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\kuba\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{50BFE750-DE0C-4E4D-9AD0-35FA2D62C01B}C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe (Adobe Systems Incorporated -> Adobe)
FirewallRules: [UDP Query User{3C62EA47-52CC-47E7-B9C4-DC3131BDA508}C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe (Adobe Systems Incorporated -> Adobe)
FirewallRules: [TCP Query User{D3707361-6BA4-49F0-B6C0-F19F88808E19}C:\users\kuba\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kuba\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{AF334917-2A36-4A17-8155-0949EA3411B7}C:\users\kuba\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kuba\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{ED1C42E8-47BE-4568-A745-6DE5131FB8BC}C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe] => (Block) C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe (Adobe Systems Incorporated -> Adobe)
FirewallRules: [UDP Query User{6F7E01E2-3698-4669-A4E2-9DB8A8446AEB}C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe] => (Block) C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe (Adobe Systems Incorporated -> Adobe)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
21-06-2019 09:30:48 Windows Update
30-06-2019 12:23:54 Scheduled Checkpoint
04-07-2019 15:20:37 Removed SafeMyWeb
12-07-2019 00:51:36 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/14/2019 01:25:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.
Error: (07/14/2019 01:24:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.
Error: (07/14/2019 01:15:34 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.
Error: (07/14/2019 11:47:58 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.
Error: (07/14/2019 11:47:57 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.
Error: (07/14/2019 11:08:13 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.
Error: (07/14/2019 11:08:12 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.
System errors:
=============
Error: (07/14/2019 01:26:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (07/14/2019 01:26:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby gupdate bylo dosaženo časového limitu (30000 ms).
Error: (07/14/2019 01:24:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\NETWORK SERVICE (SID: S-1-5-20) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (07/14/2019 01:24:01 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT AUTHORITY)
Description: Služba protokolování událostí zjistila při inicializaci publikačních prostředků chybu v kanálu Microsoft-RMS-MSIPC/Debug. V případě analytického nebo ladicího typu kanálu to může znamenat, že došlo také k chybě při inicializaci přihlašovacích prostředků.
Error: (07/14/2019 01:24:01 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT AUTHORITY)
Description: Služba protokolování událostí zjistila při inicializaci publikačních prostředků chybu v kanálu DebugChannel. V případě analytického nebo ladicího typu kanálu to může znamenat, že došlo také k chybě při inicializaci přihlašovacích prostředků.
Error: (07/14/2019 01:23:32 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-55V176A)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
===================================
Date: 2019-07-14 13:04:20.691
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {905044F8-B922-4B86-8D6B-2C125F90DB2C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-55V176A\Kuba
Date: 2019-07-05 00:45:46.638
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {315E8E5A-B1A1-4BC0-B3B6-FA1A11F29F90}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-07-04 15:24:31.796
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: High
Kategorie: Tool
Cesta: containerfile:_D:\Stažené soubory\Guitar Pro 6.0.9 + Newest Soundtracks.rar; file:_D:\Stažené soubory\Guitar Pro 6.0.9 + Newest Soundtracks.rar->Guitar Pro 6.0.9\Step 2 - Keygen\Keygen.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Uživatel
Uživatel: DESKTOP-55V176A\Kuba
Název procesu: Unknown
Verze podpisu: AV: 1.297.421.0, AS: 1.297.421.0, NIS: 1.297.421.0
Verze modulu: AM: 1.1.16100.4, NIS: 1.1.16100.4
Date: 2019-07-04 15:23:13.225
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {AF3B60D2-1E5A-4702-B301-5BF1BEC89C12}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: DESKTOP-55V176A\Kuba
Date: 2019-07-04 15:23:13.225
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: High
Kategorie: Tool
Cesta: file:_D:\Stažené soubory\Guitar Pro 6.0.9 + Newest Soundtracks.rar->Guitar Pro 6.0.9\Step 2 - Keygen\Keygen.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Uživatel
Uživatel: DESKTOP-55V176A\Kuba
Název procesu: Unknown
Verze podpisu: AV: 1.297.353.0, AS: 1.297.353.0, NIS: 1.297.353.0
Verze modulu: AM: 1.1.16100.4, NIS: 1.1.16100.4
Date: 2019-07-14 13:27:19.334
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.421.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80072ee7
Popis chyby :The server name or address could not be resolved
Date: 2019-07-14 13:27:19.334
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.421.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80072ee7
Popis chyby :The server name or address could not be resolved
Date: 2019-07-14 13:27:19.330
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.421.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80072ee7
Popis chyby :The server name or address could not be resolved
Date: 2019-07-14 13:27:19.329
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.421.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80072ee7
Popis chyby :The server name or address could not be resolved
CodeIntegrity:
===================================
Date: 2019-07-14 13:24:01.003
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.
Date: 2019-07-14 11:47:50.775
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.
Date: 2019-07-14 11:08:07.608
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.
Date: 2019-07-11 21:04:06.923
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.
Date: 2019-07-11 20:57:42.635
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.
Date: 2019-07-10 14:51:27.120
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.
Date: 2019-07-04 15:56:54.247
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.
Date: 2019-07-04 14:57:03.752
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\kbdru666.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. P1.10 11/14/2016
Motherboard: ASRock Z270M Pro4
Processor: Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
Percentage of memory in use: 17%
Total physical RAM: 32732.52 MB
Available physical RAM: 26844.24 MB
Total Virtual: 37596.52 MB
Available Virtual: 29148.91 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:237.92 GB) (Free:86.53 GB) NTFS
Drive d: () (Fixed) (Total:931.5 GB) (Free:194.43 GB) NTFS
\\?\Volume{5670ee53-7474-4e3f-b72d-70bb7fb6bd39}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{ffac9eed-4bc7-4652-963a-64d5ea51b640}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================