Log check - Adware in Chrome [Solved]

A place for your HijackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Martinor

Log check - Adware in Chrome

Post by Martinor » 01 Apr 2019 11:16

Hello,

in Chrome I keep getting adware, ads that do not belong there, plus pop-up windows. Please advise. Thank you.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:15:31, on 01.04.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\mrmar\Downloads\Programs\HijackThis.exe
C:\Users\mrmar\Downloads\Programs\HijackThis2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll
O2 - BHO: PDF Architect 6 Helper - {9FD094B1-A4BF-415A-82AE-8C2845D0B769} - C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-helper.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: PDF Architect 6 Toolbar - {E8536605-CA24-4DFF-B1BC-316EE27F6DF7} - C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-plugin.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe" --minimized
O4 - HKCU\..\Run: [XperiaCompanionAgent] "C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\RunOnce: [Application Restart #1] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --restore-last-session --flag-switches-begin --flag-switches-end --flag-switches-begin --flag-switches-end --flag-switches-begin --flag-switches-end --flag-switches-begin --flag-switches-end
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{9b4170e7-c452-432b-b634-32aa00a592f8}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @oem8.inf,%HidMonitor.SvcDisp%;Alps HID Monitor Service (ApHidMonitorService) - Alps Electric Co., Ltd. - C:\Program Files\Apoint2K\HidMonitorSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.86\elevation_service.exe
O23 - Service: GoPro Device Detection Service (GoProDeviceDetectionService) - Unknown owner - C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem53.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\System32\ibmpmsvc.exe (file missing)
O23 - Service: @oem2.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\Windows\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyResume Service (Lenovo Instant On) - Lenovo Group Limited - C:\Windows\SysWOW64\Lenovo\PowerMgr\EasyResume.exe
O23 - Service: @oem53.inf,%Lenovo.svcDesc1%;Lenovo Platform Service (LPlatSvc) - Unknown owner - C:\Windows\System32\LPlatSvc.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Architect 6 - pdfforge GmbH - C:\Program Files\PDF Architect 6\ws.exe
O23 - Service: PDF Architect 6 Creator - pdfforge GmbH - C:\Program Files\PDF Architect 6\creator\common\creator-ws.exe
O23 - Service: PDF Architect 6 Update Service - pdfforge GmbH - C:\Program Files\PDF Architect 6\updater-ws.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: Razer Chroma SDK Server - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
O23 - Service: Razer Chroma SDK Service - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
O23 - Service: RemoteMouseService - Unknown owner - C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung RAPID Mode Service (SamsungRapidSvc) - Unknown owner - C:\Windows\system32\RAPID\SamsungRapidSvc.exe (file missing)
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\Windows\SysWOW64\SecUPDUtilSvc.exe
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: Serviio - Unknown owner - C:\Program Files\Serviio\bin\ServiioService.exe
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: TeamViewer 14 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_7ed9406f9c73fd1f\driver\TPHKLOAD.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\Windows\system32\xbgmsvc.exe (file missing)
O23 - Service: Služba Xperia Companion (XperiaCompanionService) - Sony - C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe

--
End of file - 15546 bytes
Lenovo IdeaPad S540-15IWL - version 81SW000VCK

jaro3
Security team member

Re: Log check - Adware in Chrome

Post by jaro3 » 01 Apr 2019 19:04

Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the recycle bin, etc.
- If you use only Google Chrome, you do not need to use ATF.

Download TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.

Download AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/
http://www.adlice.com/downloadprogress/

Save it to your desktop. Click “I agree” to confirm the terms.
Close all programs, windows and browsers.
Run the program by double-clicking it and click “Scan”.
After the scan a log appears and opens (otherwise it is saved on the system disk as C:\AdwCleaner [C?].txt); paste its entire contents here.

Download Malwarebytes' Anti-Malware to your desktop, install it and run it
- If the program is not up to date, click “Update now” or “Fix now”.
- An update will be found and installed.
- Then click Start scan.
- After the scan finishes, a message appears at the bottom right; click View report, choose Export, then Copy to clipboard, and paste the entire log here. Or click “Text file (.txt)” and save the log.
- Otherwise the log can be found in the program after clicking “Reports”, or it is saved here: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs

- Then click the Finish button and close the program with the cross at the top right.
(Do not delete anything yet!)
If there are problems, run it in safe mode.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.

Diallix

Re: Log check - Adware in Chrome

Post by Diallix » 04 Apr 2019 07:17

After carrying out the procedures above, please also do the following:

- Download the FRST tool, 32/64-bit according to your system, from here: https://www.bleepingcomputer.com/downlo ... scan-tool/
- Save the FRST program to your desktop.
- Run FRST and, in the Whitelist box, tick the checkboxes Registry, Services, Drivers, Processes, Internet, and in the Optional Scan box tick Addition.txt.
- Continue with the Scan button.
- A scan will start, which may take a while.
- After the scan, paste the logs here: FRST + ADDITION

Martinor

Re: Log check - Adware in Chrome

Post by Martinor » 05 Jun 2019 14:28

Hello,
I apologize for the delay; the requested logs are attached below.

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 06-05-2019
# Duration: 00:00:17
# OS: Windows 10 Pro
# Scanned: 27501
# Detected: 2


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Mail.Ru Pulse
PUP.Optional.Mail.Ru Pulse

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [2363 octets] - [26/03/2019 19:38:40]
AdwCleaner[C00].txt - [2305 octets] - [26/03/2019 19:39:05]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########


Malwarebytes

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 05.06.19
Čas skenování: 14:17
Logovací soubor: e0b63044-878b-11e9-8103-68f728cf0bc1.json

-Informace o softwaru-
Verze: 3.7.1.2839
Verze komponentů: 1.0.586
Aktualizovat verzi balíku komponent: 1.0.10910
Licence: Bezplatný

-Systémová informace-
OS: Windows 10 (Build 17134.765)
CPU: x64
Systém souborů: NTFS
Uživatel: LENOVO-MARTIN\mrmar

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 294656
Zjištěné hrozby: 64
Hrozby umístěné do karantény: 0
Uplynulý čas: 4 min, 11 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 1
PUP.Optional.MailRu, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\beliehdniadoecbonbhlcgbdldccfigp, Žádná uživatelská akce, [250], [678404],1.0.10910

Hodnota v registru: 2
PUP.Optional.MailRu, HKU\S-1-5-21-3611739075-2051146931-771507770-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|BELIEHDNIADOECBONBHLCGBDLDCCFIGP, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, HKU\S-1-5-21-3611739075-2051146931-771507770-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Profile 2\extensions.settings|BELIEHDNIADOECBONBHLCGBDLDCCFIGP, Žádná uživatelská akce, [250], [678404],1.0.10910

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 12
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_locales\en, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_locales\ru, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\img, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\icons, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_metadata, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_locales, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\USERS\MRMAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 2\Extensions\BELIEHDNIADOECBONBHLCGBDLDCCFIGP, Žádná uživatelská akce, [250], [678404],1.0.10910

Soubor: 49
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\img\loaded-empty.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources\currency-arrow-dark-up.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources\currency-arrow-light-down.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources\currency-arrow-light-up.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources\drag-arrows.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources\search-cancel-button.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\add-128.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\add-16.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\add-32.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\add-48.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\added-128.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\added-16.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\added-32.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\added-48.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\disabled-128.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\disabled-16.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\disabled-32.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\disabled-48.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\icons\icon-128.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\icons\icon-16.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\icons\icon-32.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\icons\icon-48.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\black-cross.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\spinner.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\trash.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\white-cross.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_locales\en\messages.json, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_locales\ru\messages.json, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_metadata\verified_contents.json, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\page-script.js, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\app.bundle.css, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\app.bundle.js, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\background.bundle.css, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\background.bundle.js, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\background.html, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\context_mailru-plugin.js, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\manifest.json, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\page-script.css, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\prerender.js, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\vendors~app.bundle.css, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\vendors~app.bundle.js, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\vendors~app.bundle~background.bundle.css, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\vendors~app.bundle~background.bundle.js, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\vendors~background.bundle.js, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\visual-bookmarks.html, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\USERS\MRMAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\USERS\MRMAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 2\Secure Preferences, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\USERS\MRMAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 2\Preferences, Žádná uživatelská akce, [250], [678404],1.0.10910
Generic.Malware/Suspicious, C:\PROGRAMDATA\KMSAUTOS\BIN\TUNMIRROR2.EXE, Žádná uživatelská akce, [0], [392686],1.0.10910

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)
Lenovo IdeaPad S540-15IWL - version 81SW000VCK


Re: Log check - Adware chrome

Post by Martinor » 05 Jun 2019 14:29

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-06-2019
Ran by mrmar (administrator) on LENOVO-MARTIN (LENOVO 20DF004UMC) (05-06-2019 14:23:16)
Running from C:\Users\mrmar\Downloads\Programs
Loaded Profiles: mrmar (Available Profiles: mrmar)
Platform: Windows 10 Pro Version 1803 17134.765 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\OpenVPN\bin\openvpn-gui.exe
() [File not signed] C:\Program Files\Serviio\bin\ServiioService.exe
() [File not signed] C:\Program Files\Serviio\bin\ServiioService.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Don HO don.h@free.fr) [File not signed] C:\Program Files\Notepad++\notepad++.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(GoPro Media, Inc. -> ) C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_7ed9406f9c73fd1f\driver\shtctky.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_7ed9406f9c73fd1f\driver\tphkload.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\SysWOW64\Lenovo\PowerMgr\EasyResume.exe
(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.6.73.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11905.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\NisSrv.exe
(OpenVPN Technologies, Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [123488 2017-11-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [openvpn-gui] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [676992 2018-08-09] () [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Client Access Service] => C:\Program Files (x86)\IBM\Client Access\cwbsvstr.exe [24627 2007-03-12] (IBM Corporation) [File not signed]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [4810224 2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3611739075-2051146931-771507770-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4068464 2019-05-18] (Tonec Inc. -> Tonec Inc.)
HKU\S-1-5-21-3611739075-2051146931-771507770-1001\...\Run: [Free Download Manager] => "C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe" --minimized
HKU\S-1-5-21-3611739075-2051146931-771507770-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46506040 2019-04-09] (Google LLC -> )
HKU\S-1-5-21-3611739075-2051146931-771507770-1001\...\MountPoints2: {04d93a52-a927-11e8-ba0d-806e6f6e6963} - "D:\TomoConLite.exe"
HKU\S-1-5-21-3611739075-2051146931-771507770-1001\...\MountPoints2: {0cbbd0f0-aa06-11e8-ba12-34e6ad499d81} - "E:\.autorun\autorun.exe"
HKU\S-1-5-21-3611739075-2051146931-771507770-1001\...\MountPoints2: {a593fbdf-0088-11e9-ba30-34e6ad499d81} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.80\Installer\chrmstp.exe [2019-06-05] (Google LLC -> Google LLC)
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1F7C7403-8C8B-42CD-BF76-8DC1A68B5C89} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6364808 2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {25E9D19B-8DEA-404D-A20C-24682DFF29A9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {279B1ECB-A421-45DE-9CA6-5B2625C51E3A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {28FFD7F0-98EA-422C-867F-8B9FC9415A5B} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [112312 2019-02-12] (Lenovo -> Lenovo)
Task: {3CDDA212-28E9-4B2C-992A-84917EFBB4ED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3D2694B4-9F17-47B8-A5E8-2E2276F4738D} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgrInst.exe [58552 2019-02-12] (Lenovo -> )
Task: {4789AC80-E39C-4C24-9119-4B53C9DE1B5C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209368 2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {495249E8-863C-46DB-903B-CC610CE06D2A} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-12-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {694DC9F7-3E73-4A26-BC81-4B0AAFBC1C62} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-26] (Google Inc -> Google Inc.)
Task: {6D258A89-56BE-4682-BF51-C84C43D7EBEE} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [10388872 2016-11-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {7C747D8A-2DE1-44CD-891B-50D7F7E94FA2} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758488 2019-01-25] (Lenovo -> )
Task: {87486B64-EFDE-4CC8-A681-6786045103FC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149520 2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {8D9DCB9A-1845-410D-BF22-C08C598C218F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {90C4B805-F8C3-4D37-989E-ED14F738F2F0} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209368 2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {918BF854-661F-4ED1-9CD0-025770F4D9EA} - System32\Tasks\RtsCM => C:\Windows\RtsCM64.exe [232216 2016-08-29] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
Task: {9EF2DA42-0282-492F-AACB-824EBEACA059} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758488 2019-01-25] (Lenovo -> )
Task: {A14202FA-DB2E-4B1B-8E91-7A99C4F22246} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166344 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {A527FA88-3BA1-4B43-91AF-DD39C436642A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-26] (Google Inc -> Google Inc.)
Task: {ADFA2E6B-D4C9-45CC-AB91-C28ED7245136} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1146048 2018-05-28] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {DE2F168D-ABF9-4673-B4E4-76C9DEADAFA1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166344 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF096369-92C9-489E-A37D-458ED1B9E6CD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E97F6D91-127E-4DEE-8BEB-31EA9C47E9CC} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149520 2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE327747-C732-4DED-A947-33EDD96A9525} - System32\Tasks\Lenovo Power Management Driver PnP Task => C:\Windows\System32\ibmpmsvc.exe [851800 2018-12-26] (Lenovo -> Lenovo.)
Task: {F42FBFCF-B529-4E77-9BE3-147CF098CC45} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6364808 2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {F5EA6204-15C2-4672-A8AE-23204A4D3596} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3611739075-2051146931-771507770-1001 => C:\Users\mrmar\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [122344 2019-04-04] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {F7ED1D5B-2DAB-441B-A503-B35533241224} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-mr.martinor@gmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{266a97a3-2088-4567-a7c5-87e86f060fac}: [DhcpNameServer] 172.20.1.185 172.20.1.190
Tcpip\..\Interfaces\{9b4170e7-c452-432b-b634-32aa00a592f8}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{9b4170e7-c452-432b-b634-32aa00a592f8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e1bfacbf-2a13-4116-aef3-dc02e35adef1}: [DhcpNameServer] 172.20.1.185 172.20.1.190

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3611739075-2051146931-771507770-1001 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2019-05-08] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2019-05-08] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-03-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll [2019-05-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-05-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-27] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
Edge Extension: (IDM Integration Module) -> EdgeExtension_TonecIncIDMIntegrationModule_e7b5mm5d3r6v2 => C:\Program Files\WindowsApps\TonecInc.IDMIntegrationModule_6.30.6.0_neutral__e7b5mm5d3r6v2 [2018-08-26]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-02-18]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKU\S-1-5-21-3611739075-2051146931-771507770-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\mrmar\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\mrmar\AppData\Roaming\IDM\idmmzcc5 [2018-08-26] [Legacy] [not signed]
FF HKU\S-1-5-21-3611739075-2051146931-771507770-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-05-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-05-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-05-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-03-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-18] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-18] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://www.google.com/"
CHR Profile: C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default [2019-06-05]
CHR Extension: (Google Translate) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-08-26]
CHR Extension: (Slides) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-26]
CHR Extension: (Docs) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-26]
CHR Extension: (Google Drive) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-26]
CHR Extension: (YouTube) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-26]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-21]
CHR Extension: (Plná Peněženka Lištička) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek [2019-02-07]
CHR Extension: (Samsung Internet) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\epejdmjgfibjaffbmojllapapjejipkh [2019-02-03]
CHR Extension: (Sheets) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-26]
CHR Extension: (Google Docs Offline) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-26]
CHR Extension: (AdBlock) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-05-28]
CHR Extension: (Google Play Music) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2018-08-26]
CHR Extension: (VratnePenize.cz Připomínáček) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiekfaemafmplemocgimeccahephhdgf [2019-01-11]
CHR Extension: (Grammarly for Chrome) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-06-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-04-01]
CHR Extension: (IDM Integration Module) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2019-05-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-26]
CHR Extension: (Gmail) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-05]
CHR Profile: C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2 [2019-06-03]
CHR Extension: (Slides) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-08]
CHR Extension: (Docs) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-08]
CHR Extension: (Google Drive) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-05-08]
CHR Extension: (IBM Security Rapport) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2019-05-08]
CHR Extension: (Pulse) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp [2019-05-08]
CHR Extension: (YouTube) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-08]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-05-08]
CHR Extension: (Adobe Acrobat) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-05-08]
CHR Extension: (Sheets) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-08]
CHR Extension: (Google Docs Offline) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-05-10]
CHR Extension: (FormApps Extension) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2019-05-08]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-05-08]
CHR Extension: (IDM Integration Module) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2019-05-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-05-08]
CHR Extension: (Gmail) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-08]
CHR Extension: (Chrome Media Router) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-27]
CHR Profile: C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\System Profile [2019-05-09]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-05-18]
CHR HKU\S-1-5-21-3611739075-2051146931-771507770-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3611739075-2051146931-771507770-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [beliehdniadoecbonbhlcgbdldccfigp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-05-18]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [561512 2018-01-24] (Advanced Micro Devices, Inc. -> AMD)
R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [105248 2016-08-08] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11145800 2019-05-22] (Microsoft Corporation -> Microsoft Corporation)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [38328 2018-08-31] (GoPro Media, Inc. -> )
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [541896 2018-05-10] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [370736 2018-09-18] (Intel Corporation -> Intel Corporation)
R2 Lenovo Instant On; C:\Windows\SysWOW64\Lenovo\PowerMgr\EasyResume.exe [2351288 2019-02-12] (Lenovo -> Lenovo Group Limited)
S2 LPlatSvc; C:\Windows\System32\LPlatSvc.exe [892760 2018-12-26] (Lenovo -> Lenovo.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S3 OpenVpnService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [15872 2018-08-09] ( ) [File not signed]
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [75392 2018-08-09] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [75392 2018-08-09] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [5274560 2019-04-15] (IBM -> IBM Corp.)
U2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [449664 2018-07-25] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [942720 2018-07-25] (Razer USA Ltd. -> Razer Inc.)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28768 2017-11-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [143664 2018-09-02] (Samsung Electronics CO., LTD. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [413696 2018-12-05] () [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11795800 2019-04-15] (TeamViewer GmbH -> TeamViewer GmbH)
R2 TPHKLOAD; C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_7ed9406f9c73fd1f\driver\TPHKLOAD.exe [424320 2018-11-05] (Lenovo -> Lenovo Group Limited)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\NisSrv.exe [2433136 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe [109896 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0323078.inf_amd64_5ba5615185ab6bc6\atikmdag.sys [36584288 2018-01-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0323078.inf_amd64_5ba5615185ab6bc6\atikmpag.sys [537440 2018-01-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [32384 2018-03-14] (Sony Mobile Communications AB -> Sony Mobile Communications)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [136720 2018-05-10] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [88256 2015-06-09] (Intel(R) Software -> Intel Corporation)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-06-05] (Malwarebytes Corporation -> Malwarebytes)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3530176 2018-03-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R0 PMDRVS; C:\Windows\System32\drivers\pmdrvs.sys [44160 2018-12-26] (Lenovo -> Lenovo.)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [503000 2019-04-15] (IBM -> IBM Corp.)
R1 RapportCerberus_1930415; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1930415.sys [1659544 2019-04-10] (IBM -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [727000 2019-04-15] (IBM -> IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [463408 2019-04-15] (IBM -> IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [610648 2019-04-15] (IBM -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [766616 2019-04-15] (IBM -> IBM Corp.)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [786688 2016-08-24] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3127576 2016-08-29] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [49136 2018-04-15] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_005c; C:\Windows\System32\drivers\RzDev_005c.sys [51696 2018-04-22] (Razer USA Ltd. -> Razer Inc)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [287360 2017-11-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [119424 2017-11-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2018-08-09] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [47496 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [337632 2019-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-06-05] (Microsoft Windows -> Microsoft Corporation)
U3 dmwappushsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Lenovo IdeaPad S540-15IWL - version 81SW000VCK

Re: Log check - Adware chrome

Post by Martinor » 05 Jun 2019 14:29

FRST, part two


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-05 14:22 - 2019-06-05 14:23 - 000000000 ____D C:\FRST
2019-06-05 14:22 - 2019-06-05 14:22 - 000000000 ____D C:\Users\mrmar\AppData\Local\Comms
2019-06-05 14:15 - 2019-06-05 14:15 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-06-05 14:14 - 2019-06-05 14:14 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-06-05 14:14 - 2019-06-05 14:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-06-05 14:14 - 2019-06-05 14:14 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-06-05 14:14 - 2019-06-05 14:14 - 000000000 ____D C:\Program Files\Malwarebytes
2019-06-05 14:14 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2019-06-05 14:14 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-06-05 12:05 - 2019-06-05 12:05 - 000000000 ____D C:\Users\mrmar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TouchPad
2019-06-03 13:52 - 2019-06-03 14:14 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2019-06-03 13:52 - 2019-06-03 14:14 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2019-06-03 13:52 - 2019-06-03 13:52 - 000002091 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2019-06-01 18:19 - 2019-06-01 18:19 - 000770570 _____ C:\Users\mrmar\Downloads\calc075-flotily.xlsm
2019-05-31 10:55 - 2019-05-31 10:55 - 000376420 _____ C:\Users\mrmar\Desktop\flotila Rozsíval travel dodatek č.4 - připojištění.pdf
2019-05-31 10:51 - 2019-05-31 10:51 - 000222470 _____ C:\Users\mrmar\Downloads\flotila Rozsíval travel dodatek č.4 - připojištění.pdf
2019-05-30 17:49 - 2019-05-30 17:49 - 000000000 ____D C:\Users\mrmar\AppData\Roaming\IBM
2019-05-30 17:49 - 2019-05-30 17:49 - 000000000 ____D C:\ProgramData\IBM
2019-05-30 10:34 - 2019-05-30 10:34 - 000000000 ____D C:\Users\mrmar\Documents\IBM
2019-05-30 10:30 - 1998-10-29 16:45 - 000306688 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2019-05-30 10:29 - 2019-05-30 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM iSeries Access for Windows
2019-05-30 10:29 - 2019-05-30 10:29 - 000000000 ____D C:\Users\Public\Documents\IBM
2019-05-30 10:29 - 2007-03-12 05:40 - 001007666 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbcore.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000561203 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbuna4d.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000525339 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsofui.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000279109 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsof.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000262195 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbunpla.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000254001 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbobj.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000208944 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbdb.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000196657 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbjob.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000190343 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsocmn.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000188467 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsohwr.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000184371 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsoprf.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000172080 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbdc.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000172032 _____ C:\Windows\SysWOW64\cwbrw.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000167985 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsfl.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000155699 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbuncmn.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000139312 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbdq.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000127248 _____ (IBM Corporation) C:\Windows\SysWOW64\qxdaedrs.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000126976 _____ C:\Windows\cwbzip.exe
2019-05-30 10:29 - 2007-03-12 05:40 - 000106547 _____ (IBM Corporation) C:\Windows\SysWOW64\ca400cpl.cpl
2019-05-30 10:29 - 2007-03-12 05:40 - 000098353 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbprt.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000090163 _____ (IBM Corporation) C:\Windows\SysWOW64\bidiserv.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000081971 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbuncon.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000081970 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbbspc.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000073779 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsoltr.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000069683 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbunssl.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000069683 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsolet.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000069683 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbbsspi.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000069680 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbup.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000065586 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbmsgl.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000065584 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbrc.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000061491 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsoswp.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000057394 _____ (IBM Corporation) C:\Windows\cwbrest.exe
2019-05-30 10:29 - 2007-03-12 05:40 - 000053297 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbjbl.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000049202 _____ (IBM Corporation) C:\Windows\cwbback.exe
2019-05-30 10:29 - 2007-03-12 05:40 - 000045110 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbunpls.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000041011 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsotif.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000041011 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsosmp.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000041008 _____ (IBM Corporation) C:\Windows\SysWOW64\cwblm.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000036915 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsotca.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000036915 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsorte.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000032819 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsoapi.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000032819 _____ (IBM Corporation) C:\Windows\cwbviewr.exe
2019-05-30 10:29 - 2007-03-12 05:40 - 000032817 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbad1.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000032816 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbdt.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000028723 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbuiutl.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000028723 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbdbfmt.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000028720 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbar.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000024630 _____ C:\Windows\SysWOW64\cwbunplp.exe
2019-05-30 10:29 - 2007-03-12 05:40 - 000024627 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbuierr.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000024625 _____ (IBM Corporation) C:\Windows\rmtcmd.exe
2019-05-30 10:29 - 2007-03-12 05:40 - 000024576 _____ C:\Windows\SysWOW64\cwbsv.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000020531 _____ (IBM Corporation) C:\Windows\cwbunrse.exe
2019-05-30 10:29 - 2007-03-12 05:40 - 000020529 _____ C:\Windows\SysWOW64\cwbwiz.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000020480 _____ C:\Windows\SysWOW64\cwbsy.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000020480 _____ C:\Windows\SysWOW64\cwbnl.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000020480 _____ C:\Windows\SysWOW64\cwbco.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000016384 _____ C:\Windows\SysWOW64\cwbnldlg.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000016384 _____ C:\Windows\SysWOW64\cwbad.dll
2019-05-30 10:29 - 2005-10-19 05:40 - 000040960 _____ (IBM Corporation) C:\Windows\SysWOW64\pcmfcenu.dll
2019-05-30 10:28 - 2019-05-30 10:28 - 000000000 ____D C:\Program Files (x86)\IBM
2019-05-30 10:25 - 1998-11-13 11:58 - 000307200 _____ (InstallShield Software Corporation) C:\Windows\IsUn0405.exe
2019-05-30 10:19 - 2019-06-05 12:06 - 000000000 ____D C:\Users\mrmar\Documents\Soubory aplikace Outlook
2019-05-30 10:09 - 2019-05-30 10:09 - 000000000 ____D C:\Users\mrmar\OpenVPN
2019-05-30 10:09 - 2019-05-30 10:09 - 000000000 ____D C:\Program Files\OpenVPN
2019-05-26 14:33 - 2019-05-28 22:26 - 000000000 ____D C:\Users\mrmar\AppData\LocalLow\Mozilla
2019-05-26 14:33 - 2019-05-26 14:33 - 000000000 ____D C:\Users\mrmar\Desktop\Tor Browser
2019-05-18 13:08 - 2018-12-20 09:05 - 000229296 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2019-05-18 12:41 - 2019-05-18 12:41 - 000033127 _____ C:\Users\mrmar\Downloads\np0514.pdf
2019-05-18 12:20 - 2019-05-18 12:20 - 000158292 _____ C:\Users\mrmar\Downloads\np4816.pdf
2019-05-18 12:15 - 2019-05-03 13:51 - 003613696 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-05-18 12:15 - 2019-05-03 13:50 - 004054528 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-05-18 12:15 - 2019-05-03 13:28 - 002882048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-05-18 12:15 - 2019-05-03 08:36 - 001035256 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-05-18 12:15 - 2019-05-03 08:33 - 001219896 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-05-18 12:15 - 2019-05-03 08:33 - 001027384 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-05-18 12:15 - 2019-05-03 08:33 - 000709720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2019-05-18 12:15 - 2019-05-03 08:32 - 000793640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2019-05-18 12:15 - 2019-05-03 08:32 - 000170296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-05-18 12:15 - 2019-05-03 08:32 - 000164664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2019-05-18 12:15 - 2019-05-03 08:31 - 009084432 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-05-18 12:15 - 2019-05-03 08:31 - 007519888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-05-18 12:15 - 2019-05-03 08:31 - 007436536 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-05-18 12:15 - 2019-05-03 08:31 - 002811192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-05-18 12:15 - 2019-05-03 08:31 - 002771256 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-05-18 12:15 - 2019-05-03 08:31 - 001098064 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2019-05-18 12:15 - 2019-05-03 08:31 - 000412984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2019-05-18 12:15 - 2019-05-03 08:19 - 006043712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-05-18 12:15 - 2019-05-03 08:18 - 006569344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-18 12:15 - 2019-05-03 08:18 - 002258640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-05-18 12:15 - 2019-05-03 08:18 - 001130568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2019-05-18 12:15 - 2019-05-03 08:12 - 025855488 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-05-18 12:15 - 2019-05-03 08:10 - 022017024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-05-18 12:15 - 2019-05-03 08:05 - 022716416 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-05-18 12:15 - 2019-05-03 08:02 - 019401216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-05-18 12:15 - 2019-05-03 08:02 - 004866048 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-05-18 12:15 - 2019-05-03 08:01 - 008189440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-05-18 12:15 - 2019-05-03 08:00 - 006661632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-05-18 12:15 - 2019-05-03 08:00 - 003400192 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-05-18 12:15 - 2019-05-03 07:59 - 007593472 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-05-18 12:15 - 2019-05-03 07:59 - 005788672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-05-18 12:15 - 2019-05-03 07:59 - 003710976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-05-18 12:15 - 2019-05-03 07:59 - 001307648 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
2019-05-18 12:15 - 2019-05-03 07:59 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-05-18 12:15 - 2019-05-03 07:58 - 002175488 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-05-18 12:15 - 2019-05-03 07:58 - 000894464 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-05-18 12:15 - 2019-05-03 07:58 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-05-18 12:15 - 2019-05-03 07:57 - 001560576 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-05-18 12:15 - 2019-05-03 07:57 - 001549824 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-05-18 12:15 - 2019-05-03 07:57 - 001295872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2019-05-18 12:15 - 2019-05-03 07:57 - 000808448 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-05-18 12:15 - 2019-05-03 07:57 - 000608768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-05-18 12:15 - 2019-05-03 07:57 - 000561152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-05-18 12:15 - 2019-05-03 07:56 - 005350912 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-05-18 12:15 - 2019-05-03 07:56 - 001803776 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-05-18 12:15 - 2019-05-03 07:56 - 000578560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-05-18 12:15 - 2019-05-03 07:56 - 000333824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2019-05-18 12:15 - 2019-05-03 07:55 - 002166784 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-05-18 12:15 - 2019-05-03 07:54 - 004929024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-05-18 12:15 - 2019-05-03 07:54 - 001628672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-05-18 12:15 - 2019-05-03 07:54 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2019-05-18 12:15 - 2019-05-03 07:54 - 000776192 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-05-18 12:15 - 2019-05-03 07:54 - 000669184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-05-18 12:15 - 2019-05-03 07:54 - 000543744 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-05-18 12:15 - 2019-05-03 07:54 - 000535552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-05-18 12:15 - 2019-05-03 07:54 - 000507392 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2019-05-18 12:15 - 2019-05-03 07:54 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2019-05-18 12:15 - 2019-04-19 12:55 - 001634920 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-05-18 12:15 - 2019-04-19 12:39 - 012754944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-05-18 12:15 - 2019-04-19 12:36 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\AcGenral.dll
2019-05-18 12:15 - 2019-04-19 11:44 - 001454648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-05-18 12:15 - 2019-04-19 11:28 - 011940864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-05-18 12:15 - 2019-04-19 11:26 - 002405888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcGenral.dll
2019-05-18 12:15 - 2019-04-19 07:06 - 002571632 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-05-18 12:15 - 2019-04-19 07:01 - 001982008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-05-18 12:15 - 2019-04-19 06:42 - 004384256 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-05-18 12:15 - 2019-04-19 06:39 - 005307392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2019-05-18 12:15 - 2019-04-19 06:38 - 002368512 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-05-18 12:15 - 2019-04-19 06:38 - 000391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2019-05-18 12:15 - 2019-04-19 06:37 - 000953856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2019-05-18 12:15 - 2019-04-19 06:36 - 002909696 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-05-18 12:15 - 2019-04-19 06:35 - 001175552 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2019-05-18 12:15 - 2019-04-19 06:35 - 001156608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-05-18 12:14 - 2019-05-03 14:14 - 000790208 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2019-05-18 12:14 - 2019-05-03 14:14 - 000304144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssecflt.sys
2019-05-18 12:14 - 2019-05-03 14:13 - 001376472 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-05-18 12:14 - 2019-05-03 14:13 - 000396088 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-05-18 12:14 - 2019-05-03 13:55 - 000123392 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-05-18 12:14 - 2019-05-03 13:54 - 000177664 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-05-18 12:14 - 2019-05-03 13:52 - 000119808 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2019-05-18 12:14 - 2019-05-03 13:51 - 001364992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-05-18 12:14 - 2019-05-03 13:50 - 001663488 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-05-18 12:14 - 2019-05-03 13:49 - 001288704 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2019-05-18 12:14 - 2019-05-03 13:49 - 000488448 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-05-18 12:14 - 2019-05-03 13:49 - 000210944 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2019-05-18 12:14 - 2019-05-03 13:43 - 001027008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-05-18 12:14 - 2019-05-03 13:43 - 000662328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2019-05-18 12:14 - 2019-05-03 13:30 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-05-18 12:14 - 2019-05-03 13:30 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-05-18 12:14 - 2019-05-03 13:28 - 000089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2019-05-18 12:14 - 2019-05-03 13:27 - 000176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2019-05-18 12:14 - 2019-05-03 13:26 - 000425472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-05-18 12:14 - 2019-05-03 13:25 - 004055040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-05-18 12:14 - 2019-05-03 13:25 - 001471488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-05-18 12:14 - 2019-05-03 08:43 - 000177128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2019-05-18 12:14 - 2019-05-03 08:34 - 000159864 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-05-18 12:14 - 2019-05-03 08:33 - 005625152 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2019-05-18 12:14 - 2019-05-03 08:33 - 000568104 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-05-18 12:14 - 2019-05-03 08:33 - 000134968 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-05-18 12:14 - 2019-05-03 08:33 - 000076088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2019-05-18 12:14 - 2019-05-03 08:33 - 000063072 _____ (Microsoft Corporation) C:\Windows\system32\cryptdll.dll
2019-05-18 12:14 - 2019-05-03 08:32 - 000776784 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-05-18 12:14 - 2019-05-03 08:32 - 000493880 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-05-18 12:14 - 2019-05-03 08:32 - 000438984 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-05-18 12:14 - 2019-05-03 08:32 - 000209208 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-05-18 12:14 - 2019-05-03 08:31 - 001459328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-05-18 12:14 - 2019-05-03 08:31 - 001260480 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-05-18 12:14 - 2019-05-03 08:31 - 001141224 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-05-18 12:14 - 2019-05-03 08:31 - 000983632 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-05-18 12:14 - 2019-05-03 08:31 - 000545808 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-05-18 12:14 - 2019-05-03 08:31 - 000115728 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2019-05-18 12:14 - 2019-05-03 08:20 - 000434704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-05-18 12:14 - 2019-05-03 08:20 - 000384976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-05-18 12:14 - 2019-05-03 08:20 - 000192016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-05-18 12:14 - 2019-05-03 08:20 - 000146920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2019-05-18 12:14 - 2019-05-03 08:19 - 000665224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-05-18 12:14 - 2019-05-03 08:19 - 000056288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdll.dll
2019-05-18 12:14 - 2019-05-03 08:00 - 000120832 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-18 12:14 - 2019-05-03 08:00 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2019-05-18 12:14 - 2019-05-03 07:59 - 000514560 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-05-18 12:14 - 2019-05-03 07:59 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2019-05-18 12:14 - 2019-05-03 07:59 - 000204288 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2019-05-18 12:14 - 2019-05-03 07:58 - 001708544 _____ (Microsoft Corporation) C:\Windows\system32\MSPhotography.dll
2019-05-18 12:14 - 2019-05-03 07:58 - 001361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll
2019-05-18 12:14 - 2019-05-03 07:58 - 000462336 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2019-05-18 12:14 - 2019-05-03 07:58 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe
2019-05-18 12:14 - 2019-05-03 07:57 - 001826816 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2019-05-18 12:14 - 2019-05-03 07:56 - 000773632 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2019-05-18 12:14 - 2019-05-03 07:55 - 003090432 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2019-05-18 12:14 - 2019-05-03 07:55 - 000659968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2019-05-18 12:14 - 2019-05-03 07:54 - 001097728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-05-18 12:14 - 2019-05-03 07:54 - 000845824 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2019-05-18 12:14 - 2019-05-03 07:54 - 000778752 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2019-05-18 12:14 - 2019-05-03 07:54 - 000667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll
2019-05-18 12:14 - 2019-05-03 07:53 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-05-18 12:14 - 2019-05-03 07:53 - 000186880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-05-18 12:14 - 2019-05-03 07:53 - 000184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-05-18 12:14 - 2019-05-03 07:53 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-05-18 12:14 - 2019-05-03 06:38 - 000001310 _____ C:\Windows\system32\tcbres.wim
2019-05-18 12:14 - 2019-04-23 09:13 - 001008640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MixedRealityCapture.dll
2019-05-18 12:14 - 2019-04-23 08:14 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-05-18 12:14 - 2019-04-19 12:54 - 000720200 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-05-18 12:14 - 2019-04-19 12:40 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2019-05-18 12:14 - 2019-04-19 12:38 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\RDSPnf.exe
2019-05-18 12:14 - 2019-04-19 12:38 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\perfproc.dll
2019-05-18 12:14 - 2019-04-19 12:34 - 000522240 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2019-05-18 12:14 - 2019-04-19 11:37 - 000607960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-05-18 12:14 - 2019-04-19 11:30 - 000036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfproc.dll
2019-05-18 12:14 - 2019-04-19 11:25 - 000423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2019-05-18 12:14 - 2019-04-19 07:07 - 000985400 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2019-05-18 12:14 - 2019-04-19 07:06 - 000798520 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2019-05-18 12:14 - 2019-04-19 07:06 - 000713264 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2019-05-18 12:14 - 2019-04-19 07:06 - 000436024 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-05-18 12:14 - 2019-04-19 07:06 - 000274232 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2019-05-18 12:14 - 2019-04-19 07:02 - 000831800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2019-05-18 12:14 - 2019-04-19 07:01 - 000581592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2019-05-18 12:14 - 2019-04-19 07:01 - 000576016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2019-05-18 12:14 - 2019-04-19 07:01 - 000380728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-05-18 12:14 - 2019-04-19 06:43 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\fcon.dll
2019-05-18 12:14 - 2019-04-19 06:41 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2019-05-18 12:14 - 2019-04-19 06:41 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\EduPrintProv.exe
2019-05-18 12:14 - 2019-04-19 06:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\system32\browserexport.exe
2019-05-18 12:14 - 2019-04-19 06:40 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\JpnServiceDS.dll
2019-05-18 12:14 - 2019-04-19 06:40 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enrollmentapi.dll
2019-05-18 12:14 - 2019-04-19 06:40 - 000167936 _____ (Microsoft Corporation) C:\Windows\system32\FilterDS.dll
2019-05-18 12:14 - 2019-04-19 06:40 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetDriverInstall.dll
2019-05-18 12:14 - 2019-04-19 06:39 - 000567296 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2019-05-18 12:14 - 2019-04-19 06:39 - 000425472 _____ (Microsoft Corporation) C:\Windows\system32\SDDS.dll
2019-05-18 12:14 - 2019-04-19 06:39 - 000374784 _____ (Microsoft Corporation) C:\Windows\system32\BingASDS.dll
2019-05-18 12:14 - 2019-04-19 06:39 - 000361472 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2019-05-18 12:14 - 2019-04-19 06:39 - 000204288 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2019-05-18 12:14 - 2019-04-19 06:38 - 000593408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2019-05-18 12:14 - 2019-04-19 06:38 - 000304128 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2019-05-18 12:14 - 2019-04-19 06:38 - 000300544 _____ (Microsoft Corporation) C:\Windows\system32\dmenterprisediagnostics.dll
2019-05-18 12:14 - 2019-04-19 06:38 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2019-05-18 12:14 - 2019-04-19 06:37 - 000445952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll
2019-05-18 12:14 - 2019-04-19 06:37 - 000397312 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2019-05-18 12:14 - 2019-04-19 06:37 - 000381952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2019-05-18 12:14 - 2019-04-19 06:37 - 000366080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2019-05-18 12:14 - 2019-04-19 06:37 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2019-05-18 12:14 - 2019-04-19 06:37 - 000118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2019-05-18 12:14 - 2019-04-19 06:36 - 001300992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2019-05-18 12:14 - 2019-04-19 06:36 - 000827392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2019-05-18 12:14 - 2019-04-19 06:36 - 000814592 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2019-05-18 12:14 - 2019-04-19 06:36 - 000546816 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2019-05-18 12:14 - 2019-04-19 06:36 - 000357888 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2019-05-18 12:14 - 2019-04-19 06:36 - 000186368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2019-05-18 12:14 - 2019-04-19 06:35 - 001938944 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2019-05-18 12:14 - 2019-04-19 06:35 - 001458688 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2019-05-18 12:14 - 2019-04-19 06:35 - 000784896 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2019-05-18 12:14 - 2019-04-19 06:35 - 000607232 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-05-18 12:14 - 2019-04-19 06:35 - 000535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2019-05-18 12:14 - 2019-04-19 06:35 - 000523776 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2019-05-18 12:14 - 2019-04-19 06:35 - 000312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapibase.dll
2019-05-18 12:14 - 2019-04-19 06:34 - 000935936 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2019-05-18 12:14 - 2019-04-19 06:34 - 000899584 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-05-18 12:14 - 2019-04-19 06:34 - 000885760 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2019-05-18 12:14 - 2019-04-19 06:34 - 000778240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-05-18 12:14 - 2019-04-19 06:34 - 000653312 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2019-05-18 12:14 - 2019-04-19 05:18 - 000806360 _____ C:\Windows\SysWOW64\locale.nls
2019-05-18 12:14 - 2019-04-19 05:18 - 000806360 _____ C:\Windows\system32\locale.nls
2019-05-18 12:14 - 2019-04-09 03:48 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-05-18 12:14 - 2019-04-09 03:48 - 000376320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2019-05-18 12:14 - 2019-04-09 03:48 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-05-18 12:14 - 2019-04-09 03:48 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-05-18 12:14 - 2019-04-09 03:48 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-05-18 12:08 - 2019-05-18 12:08 - 000134156 _____ C:\Users\mrmar\Downloads\np0912.pdf
2019-05-18 12:01 - 2018-09-18 22:29 - 039861904 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 038903984 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 034823848 _____ (Intel Corporation) C:\Windows\SysWOW64\igd11dxva32.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 013062664 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 005136360 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 004268616 _____ (Intel Corporation) C:\Windows\system32\igd12umd64.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 004240096 _____ (Intel Corporation) C:\Windows\SysWOW64\igd12umd32.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 002393248 _____ (Intel Corporation) C:\Windows\system32\igdmd64.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 001858720 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmd32.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 001816808 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 001814152 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 000312184 _____ (Intel Corporation) C:\Windows\system32\igd10idpp64.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 000297048 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10idpp32.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 000242168 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 000222816 _____ (Intel Corporation) C:\Windows\system32\igdde64.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 000205368 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 000184072 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 000182968 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 000181912 _____ (Intel Corporation) C:\Windows\SysWOW64\igdde32.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 000160280 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 000160280 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 000055256 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2019-05-18 12:01 - 2018-09-18 22:28 - 015478376 _____ (Intel Corporation) C:\Windows\system32\igc64.dll
2019-05-18 12:01 - 2018-09-18 22:28 - 013483080 _____ (Intel Corporation) C:\Windows\SysWOW64\igc32.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 013650520 _____ (Intel Corporation) C:\Windows\system32\ig8icd64.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 010328976 _____ (Intel Corporation) C:\Windows\SysWOW64\ig8icd32.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 005683728 _____ (Intel Corporation) C:\Windows\system32\igdmcl64.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 005262736 _____ (Intel Corporation) C:\Windows\system32\GfxResources.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 004931088 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 004368992 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 003972192 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmcl32.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 001590800 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 001178744 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 001020968 _____ C:\Windows\system32\igfxSDK.exe
2019-05-18 12:01 - 2018-09-18 19:29 - 000964960 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe
2019-05-18 12:01 - 2018-09-18 19:29 - 000961376 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe
2019-05-18 12:01 - 2018-09-18 19:29 - 000705104 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000463712 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2019-05-18 12:01 - 2018-09-18 19:29 - 000445912 _____ (Intel Corporation) C:\Windows\system32\IntelCpHDCPSvc.exe
2019-05-18 12:01 - 2018-09-18 19:29 - 000438904 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000416272 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000398808 _____ C:\Windows\system32\igfxTray.exe
2019-05-18 12:01 - 2018-09-18 19:29 - 000393184 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2019-05-18 12:01 - 2018-09-18 19:29 - 000389752 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000388696 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000318480 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000273424 _____ C:\Windows\system32\igfxCPL.cpl
2019-05-18 12:01 - 2018-09-18 19:29 - 000266256 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000255072 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000233440 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2019-05-18 12:01 - 2018-09-18 19:29 - 000229216 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2019-05-18 12:01 - 2018-09-18 19:29 - 000228704 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe
2019-05-18 12:01 - 2018-09-18 19:29 - 000225296 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000193112 _____ (Intel Corporation) C:\Windows\system32\igdail64.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000173656 _____ (Intel Corporation) C:\Windows\SysWOW64\igdail32.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000111712 _____ ( ) C:\Windows\system32\igfxSDKLibv2_0.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000104024 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000103440 _____ C:\Windows\system32\igfxCUIServicePS.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000100880 _____ ( ) C:\Windows\system32\igfxSDKLib.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000099920 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000095328 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000085008 _____ ( ) C:\Windows\system32\igfxDHLib.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000052752 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000029280 _____ ( ) C:\Windows\system32\igfxDILib.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000029200 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000027744 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000027664 _____ ( ) C:\Windows\system32\igfxEMLib.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000022648 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000022648 _____ ( ) C:\Windows\system32\igfxLHMLib.dll
2019-05-18 12:01 - 2018-09-18 19:28 - 029101456 _____ (Intel Corporation) C:\Windows\system32\common_clang64.dll
2019-05-18 12:01 - 2018-09-18 19:28 - 019861392 _____ (Intel Corporation) C:\Windows\SysWOW64\common_clang32.dll
2019-05-18 12:01 - 2018-09-18 19:28 - 000172384 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2019-05-18 12:01 - 2018-09-18 19:17 - 000830871 _____ C:\Windows\system32\DisplayAudiox64.cab
2019-05-18 12:01 - 2018-09-18 19:17 - 000004846 _____ C:\Windows\system32\iglhxs64.vp
2019-05-13 21:28 - 2019-05-13 21:32 - 000509980 _____ C:\Users\mrmar\Documents\ff - HVP plně odemčená sazbotvorba .pdf
2019-05-13 20:49 - 2019-05-13 20:49 - 000156450 _____ C:\Users\mrmar\Downloads\saz0753upr03-19.pdf
2019-05-13 20:46 - 2019-06-05 13:52 - 000760983 _____ C:\Users\mrmar\Downloads\ff - HVP plně odemčená sazbotvorba .xlsm
2019-05-11 11:33 - 2019-05-11 11:35 - 000000000 ____D C:\Program Files (x86)\DevID Agent
2019-05-11 11:33 - 2019-05-11 11:33 - 000001114 _____ C:\Users\mrmar\Desktop\DevID Agent.lnk
2019-05-11 11:33 - 2019-05-11 11:33 - 000000000 ____D C:\Users\mrmar\AppData\Roaming\Microsoft\Windows\Start Menu\DevID
2019-05-11 10:50 - 2019-06-05 12:05 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-05-11 10:50 - 2019-05-11 10:50 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
2019-05-08 16:29 - 2019-05-08 16:29 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2019.lnk
2019-05-08 16:29 - 2019-05-08 16:29 - 000000000 ____D C:\Users\mrmar\Documents\Adobe
2019-05-08 16:24 - 2019-05-08 16:28 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-05-08 16:24 - 2019-05-08 16:24 - 000000000 ____D C:\Program Files\Adobe
2019-05-08 16:21 - 2019-05-08 17:38 - 000000000 ____D C:\Hovinko
2019-05-08 16:16 - 2019-05-08 16:16 - 000000928 _____ C:\Users\Public\Desktop\Unity 2018.3.4f1 (64-bit).lnk
2019-05-08 16:15 - 2019-05-08 16:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2018.3.4f1 (64-bit)
2019-05-08 16:05 - 2019-05-08 16:05 - 000795784 _____ C:\Users\mrmar\Downloads\UnityDownloadAssistant-2018.3.4f1.exe
2019-05-08 16:02 - 2019-05-08 16:07 - 000000000 ____D C:\Users\mrmar\AppData\Roaming\UnityHub
2019-05-08 16:02 - 2019-05-08 16:02 - 000000000 ____D C:\Users\mrmar\AppData\Roaming\Unity Hub
2019-05-08 12:39 - 2019-05-08 12:39 - 000029609 _____ C:\Users\mrmar\Downloads\Seznam Flotila Dubay - Direct + HVP + A4F.xlsx
2019-05-08 12:25 - 2019-05-08 12:25 - 000145565 _____ C:\Users\mrmar\Downloads\Čísla ENC aktualizováno 15.1.2019 - (Denča) (1).xlsx
2019-05-08 12:23 - 2019-05-08 12:23 - 004148124 _____ C:\Users\mrmar\Downloads\HVP tegze (2).pdf
2019-05-08 11:52 - 2019-05-08 11:52 - 004148124 _____ C:\Users\mrmar\Downloads\HVP tegze (1).pdf
2019-05-08 11:25 - 2019-05-08 11:25 - 004148124 _____ C:\Users\mrmar\Downloads\HVP tegze.pdf
2019-05-08 11:21 - 2019-05-08 11:37 - 000002432 _____ C:\Users\mrmar\Desktop\Martin - Chrome.lnk
2019-05-08 10:44 - 2019-05-08 10:44 - 000666425 _____ C:\Users\mrmar\Downloads\Zaměstnanecký program.zip
2019-05-08 10:44 - 2019-05-08 10:44 - 000000000 ____D C:\Users\mrmar\Downloads\Zaměstnanecký program

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-05 14:22 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-05 14:17 - 2018-08-26 13:11 - 000000000 ____D C:\Users\mrmar\AppData\Roaming\DMCache
2019-06-05 14:14 - 2018-04-12 01:38 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-06-05 13:56 - 2018-08-26 12:56 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-06-05 13:52 - 2018-08-26 12:56 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-06-05 12:10 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-05 12:10 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\AppReadiness
2019-06-05 12:09 - 2018-08-26 13:06 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-05 12:09 - 2018-08-26 13:06 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-05 12:08 - 2019-04-01 10:58 - 000000000 ___RD C:\Users\mrmar\Disk Google
2019-06-05 12:05 - 2018-08-26 13:08 - 000000000 __SHD C:\Users\mrmar\IntelGraphicsProfiles
2019-06-03 20:07 - 2018-08-27 17:04 - 000000000 ____D C:\Users\mrmar\AppData\Roaming\vlc
2019-06-03 20:03 - 2019-04-10 16:46 - 000000000 ____D C:\Users\mrmar\Downloads\Video
2019-06-03 14:15 - 2018-09-02 13:26 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-06-03 14:02 - 2018-10-31 11:49 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2019-06-03 13:52 - 2018-04-12 01:36 - 000000000 ____D C:\Windows\INF
2019-06-03 13:51 - 2018-09-02 13:25 - 000000000 ____D C:\ProgramData\Adobe
2019-06-03 13:44 - 2018-08-26 13:01 - 001689050 _____ C:\Windows\system32\PerfStringBackup.INI
2019-06-03 13:44 - 2018-04-12 17:51 - 000716276 _____ C:\Windows\system32\perfh005.dat
2019-06-03 13:44 - 2018-04-12 17:51 - 000144534 _____ C:\Windows\system32\perfc005.dat
2019-06-03 13:38 - 2018-08-28 21:19 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-06-03 13:38 - 2018-08-26 13:09 - 000003700 _____ C:\Windows\System32\Tasks\Lenovo Power Management Driver PnP Task
2019-06-03 13:38 - 2018-08-26 12:56 - 000411312 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-03 13:38 - 2018-08-26 12:56 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-03 13:30 - 2018-08-26 13:10 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-06-03 13:30 - 2018-04-11 23:04 - 000786432 _____ C:\Windows\system32\config\BBI
2019-06-01 18:23 - 2019-04-01 12:55 - 000000000 ____D C:\Users\mrmar\Downloads\Compressed
2019-06-01 18:20 - 2018-08-26 13:03 - 000000000 ____D C:\Users\mrmar\AppData\Local\Packages
2019-05-31 17:39 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\NDF
2019-05-31 15:45 - 2019-03-23 13:16 - 000000000 ____D C:\Users\mrmar\Desktop\HVP
2019-05-31 14:24 - 2018-11-08 15:29 - 000000000 ____D C:\Users\mrmar\AppData\Local\LenovoServiceBridge
2019-05-30 10:19 - 2018-08-28 21:19 - 000000000 ____D C:\Users\mrmar\AppData\Roaming\TeamViewer
2019-05-30 10:09 - 2018-08-26 13:00 - 000000000 ____D C:\Users\mrmar
2019-05-27 20:22 - 2018-08-26 19:28 - 000000000 ____D C:\Program Files\Microsoft Office
2019-05-26 23:46 - 2018-08-27 19:23 - 000002361 _____ C:\Users\mrmar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-26 23:46 - 2018-08-26 13:07 - 000003374 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3611739075-2051146931-771507770-1001
2019-05-26 23:46 - 2018-08-26 13:05 - 000000000 ___RD C:\Users\mrmar\OneDrive
2019-05-25 18:04 - 2018-08-26 13:11 - 000000000 ____D C:\Users\mrmar\AppData\Roaming\IDM
2019-05-25 18:03 - 2018-08-26 13:11 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2019-05-18 17:37 - 2018-09-02 13:26 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-18 17:22 - 2018-09-02 10:14 - 000016902 _____ C:\Windows\system32\results.xml
2019-05-18 17:19 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2019-05-18 17:19 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\TextInput
2019-05-18 17:19 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\ShellExperiences
2019-05-18 17:19 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-05-18 17:19 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\bcastdvr
2019-05-18 12:21 - 2018-04-12 01:30 - 000000000 ____D C:\Windows\CbsTemp
2019-05-18 12:14 - 2018-08-27 18:25 - 000000000 ____D C:\Windows\system32\MRT
2019-05-18 12:10 - 2018-08-27 18:24 - 132445408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-05-18 12:08 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-05-18 12:04 - 2018-08-26 13:08 - 000000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2019-05-18 12:02 - 2018-08-26 13:08 - 000000000 ____D C:\Intel
2019-05-18 11:58 - 2018-11-16 18:17 - 000000000 ____D C:\Program Files\rempl
2019-05-18 11:53 - 2018-08-26 13:06 - 000003472 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-18 11:53 - 2018-08-26 13:06 - 000003348 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-11 10:50 - 2018-08-26 13:08 - 000000000 ____D C:\Program Files (x86)\Intel
2019-05-08 17:37 - 2018-11-28 20:08 - 000000877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2019-05-08 17:37 - 2018-11-28 20:08 - 000000865 _____ C:\Users\Public\Desktop\Notepad++.lnk
2019-05-08 17:37 - 2018-11-28 20:08 - 000000000 ____D C:\Users\mrmar\AppData\Roaming\Notepad++
2019-05-08 17:37 - 2018-11-28 20:08 - 000000000 ____D C:\Program Files\Notepad++
2019-05-08 16:30 - 2018-08-26 13:03 - 000000000 ____D C:\Users\mrmar\AppData\Roaming\Adobe
2019-05-08 16:24 - 2018-09-02 13:26 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-05-08 16:24 - 2018-08-26 13:11 - 000000000 ____D C:\ProgramData\Package Cache
2019-05-07 19:10 - 2018-10-09 20:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer
2019-05-06 20:25 - 2018-09-24 09:50 - 000000000 ____D C:\Users\mrmar\AppData\Local\CrashDumps

==================== Files in the root of some directories =======

2018-10-31 11:47 - 2018-10-31 11:47 - 000000410 _____ () C:\Users\mrmar\AppData\Local\oobelibMkey.log

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

==========================
Lenovo IdeaPad S540-15IWL - version 81SW000VCK

Re: Log check - Chrome adware

Post by Martinor » 05 Jun 2019 14:30

FRST Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-06-2019
Ran by mrmar (05-06-2019 14:24:59)
Running from C:\Users\mrmar\Downloads\Programs
Windows 10 Pro Version 1803 17134.765 (X64) (2018-08-26 10:58:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3611739075-2051146931-771507770-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3611739075-2051146931-771507770-503 - Limited - Disabled)
Guest (S-1-5-21-3611739075-2051146931-771507770-501 - Limited - Disabled)
mrmar (S-1-5-21-3611739075-2051146931-771507770-1001 - Administrator - Enabled) => C:\Users\mrmar
WDAGUtilityAccount (S-1-5-21-3611739075-2051146931-771507770-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_2) (Version: 20.0.2 - Adobe Systems Incorporated)
AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2080, 07.07.2018 - AIMP DevTeam)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.)
Backup and Sync from Google (HKLM\...\{F9EEDE46-6409-4ECC-8AB6-7062464987A4}) (Version: 3.43.4275.9540 - Google, Inc.)
Balíček ovladače systému Windows - Silicon Laboratories (silabenm) Ports (03/19/2014 6.7.0.0) (HKLM\...\B97004A400E30DCF940971EFA7A0C13C6B0A4B66) (Version: 03/19/2014 6.7.0.0 - Silicon Laboratories)
Balíček ovladačů pro úsporný režim (HKLM-x32\...\Samsung Eco Driver Pack) (Version: 2.01.10.00 (28.05.2015) - Samsung Electronics Co., Ltd.)
Call of Duty 4 - Modern Warfare verze 1.7 (HKLM-x32\...\{826D7727-6105-4C5D-A049-E4BADBC8BAAB}_is1) (Version: 1.7 - tomi2k9)
Catalyst Control Center Next Localization BR (HKLM\...\{CCE76752-1A82-EF43-4B55-6C5154F0112E}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{9C4FCC2E-4E4F-5CDF-1A60-336B5A7E49CB}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{2A1637CE-9314-EA72-0F2C-E6E8CC805B7B}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A71A7061-5728-3DA3-D58C-CDAFA87AD725}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{EA137731-99F1-E42D-6D5C-49F16BF5F868}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{2CFF01A0-C485-8455-B331-0A6B8756E232}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A79098E5-9593-F299-470E-571B9F255A48}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{5D8C735C-C28F-E8EF-80B2-96EAF42F401A}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{B8255085-FBE7-7C3F-3397-23DC07C21297}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5A5539B0-B4EE-3A5E-29F9-63EDF84A79E2}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{EEF7A56C-6AD1-3176-83D7-9C4AC45A447C}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{3A3B6A80-249F-7651-CD12-23FD2E7C1932}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{29612BF6-6D8A-4CE8-12AC-777144642135}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{739859D8-9A12-6540-9B25-EDF09B43C845}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{144FC26D-3A27-2608-5C4C-DF59A2A3ACD1}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{B40D1236-0751-4C78-2E4C-A865235BAF52}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{F2F82D32-807F-1214-CB1F-B734B4E26398}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{29306290-76E1-BF93-BD39-C548495CC4E4}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{3AE6129D-AEE2-6A23-A335-1804470CE6EA}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{91E744CE-5472-1E15-0E89-69187A437656}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{6220990C-8452-DB19-A2A8-8F2B81057151}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
cwbin64a (HKLM\...\{B84E3B73-8A6D-434A-B656-327A560BDE24}) (Version: 05.04.0000 - IBM) Hidden
DevID Agent (HKLM-x32\...\DevID_Agent) (Version: 4,48 - DevID)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Exodus (HKU\S-1-5-21-3611739075-2051146931-771507770-1001\...\exodus) (Version: 19.4.26 - Exodus Movement Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.80 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
GoPro Quik (HKLM\...\{AA5F7FCE-311C-46D8-B93A-ABF4DDCAB832}) (Version: 0.1.945 - GoPro, Inc.) Hidden
GoPro Quik (HKLM-x32\...\{a23df978-67ca-4fe3-a740-a7b5ae7ec82f}) (Version: 2.7.0.945 - GoPro, Inc.)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
HP Color LaserJet Pro MFP M477 (HKLM-x32\...\{15758d59-89d2-4595-b92f-0145a142f8f7}) (Version: 16.0.17171.700 - Hewlett-Packard)
HP Dropbox Plugin (HKLM-x32\...\{19EDEC5D-055E-4AD0-88AC-C342608FC47E}) (Version: 36.0.445.57508 - HP)
HP Google Drive Plugin (HKLM-x32\...\{1B225296-B1F1-40B3-8427-844E97CB2D1B}) (Version: 36.0.445.57508 - HP)
HPCLJProMFPM477 (HKLM-x32\...\{9F4A8FAA-994E-4623-AB4C-D00F51DA189D}) (Version: 0.05.0000 - Hewlett-Packard) Hidden
IBM iSeries Access for Windows (HKLM-x32\...\ClientAccessExpress) (Version: - )
IBM iSeries Access for Windows SI37892 (HKLM-x32\...\ClientAccessExpressSP) (Version: - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5058 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{b23c55fa-5271-4d64-ba8f-6718be55b9a7}) (Version: 10.1.1.33 - Intel(R) Corporation) Hidden
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Lenovo Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.82.00.20 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-3611739075-2051146931-771507770-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.7 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0078 - Lenovo)
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.11629.20196 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.11629.20196 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3611739075-2051146931-771507770-1001\...\OneDriveSetup.exe) (Version: 19.086.0502.0005 - Microsoft Corporation)
Microsoft Project Professional 2016 - cs-cz (HKLM\...\ProjectProRetail - cs-cz) (Version: 16.0.11629.20196 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.11629.20196 - Microsoft Corporation)
Microsoft Visio Professional 2016 - cs-cz (HKLM\...\VisioProRetail - cs-cz) (Version: 16.0.11629.20196 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.11629.20196 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.17.1289.727 - Microsoft Corporation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.6.6 - Notepad++ Team)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20196 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20196 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11629.20196 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11629.20196 - Microsoft Corporation) Hidden
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1930.429 - Trusteer)
OpenVPN 2.4.5 (HKLM\...\OpenVPN) (Version: 2.4.5 - LinuxBox.cz)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.0.277 - Jan Fiala)
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
PX Profile Update (HKLM-x32\...\{45B33743-2770-5555-71B0-3D96AD15536E}) (Version: 1.00.1. - AMD) Hidden
RAPID Mode (HKLM\...\{AE75272A-6421-4A65-80F8-31568BCF6E75}) (Version: 1.0.0.101 - Samsung Electronics Co., Ltd.) Hidden
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1930.429 - Trusteer) Hidden
Razer Chroma SDK (HKLM-x32\...\Razer Chroma SDK) (Version: 2.17.2 - Razer Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21290 - Realtek Semiconductor Corp.)
Samsung Easy Color Manager (HKLM-x32\...\Samsung Easy Color Manager) (Version: 4.00.14.00 (05.11.2015) - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 2.02.53 (30.05.2018) - HP Printing Korea Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 2.00.01.24 - HP Printing Korea Co., Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.70.18.0 - Samsung Electronics Co., Ltd.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.2.1.1780 - Samsung Electronics)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.28 - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.32 - Samsung Electronics Co., Ltd.) Hidden
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 3.31.81.01:10 - Samsung Electronics Co., Ltd.)
Serviio (HKLM\...\Serviio) (Version: 1.10.1 - Six Lines Ltd)
Skype verze 8.28 (HKLM-x32\...\Skype_is1) (Version: 8.28 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd) Hidden
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.2.8352 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.67 - Samsung Electronics CO., LTD.)
Unity (HKLM-x32\...\Unity) (Version: 2018.3.4f1 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
Visual Studio Community 2017 (HKLM-x32\...\8c765e16) (Version: 15.8.28010.2003 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
vs_communitymsi (HKLM-x32\...\{4C60D242-B039-4DBB-A202-BE55478E8500}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{226CCDB6-96F9-4DE6-9CCC-DB49D0A0A971}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{DC4F558F-90E2-4B9C-8A2B-5DD92EF71F84}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{31312BFA-5D30-4B56-BACB-BFE26CE2E285}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{8EB2C670-04C2-482D-BACD-B4095E27FD39}) (Version: 15.6.27309 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{082DBA20-8C1E-4D4C-85F4-A813283B7849}) (Version: 15.8.28010 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{B8B65A93-F72B-42C2-AE1A-FF440B44BB67}) (Version: 15.0.26621 - Microsoft Corporation) Hidden

Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.520.0_x64__rz1tebttyb220 [2019-03-13] (Dolby Laboratories)
IDM Integration Module -> C:\Program Files\WindowsApps\TonecInc.IDMIntegrationModule_6.30.6.0_neutral__e7b5mm5d3r6v2 [2018-08-26] (Tonec Inc.)
Kodi -> C:\Program Files\WindowsApps\XBMCFoundation.Kodi_18.2.500.0_x64__4n2hpmxwrvr6p [2019-04-30] (XBMC Foundation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.30.10924.0_x64__8wekyb3d8bbwe [2019-04-04] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.3.4032.0_x86__8wekyb3d8bbwe [2019-04-15] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.375.0_x64__mcm4njqhnhss8 [2019-02-22] (Netflix, Inc.)
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2018-09-02] (Samsung Electronics Co. Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3611739075-2051146931-771507770-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2019-05-02] (Tonec Inc. -> Tonec Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-08-27] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-11-13] (Notepad++ -> )
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-04-09] (Google LLC -> Google)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-08-27] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-04-09] (Google LLC -> Google)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-12-27] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2018-09-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers1_S-1-5-21-3611739075-2051146931-771507770-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\mrmar\Desktop\Rayman.bat – zástupce.lnk -> C:\Users\mrmar\Downloads\Compressed\rayman12eu_dos_win\Rayman1.2\Rayman.bat (No File)

ShortcutWithArgument: C:\Users\mrmar\Desktop\Martin - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\mrmar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Kamil - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"

==================== Loaded Modules (Whitelisted) ==============

2019-02-18 20:55 - 2019-02-18 20:55 - 000048128 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\cs_cz\PDFMaker\PDFMOutlookAddin.CZE
2015-06-02 15:51 - 2015-06-02 15:51 - 000545792 _____ () [File not signed] C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2018-08-09 15:29 - 2018-08-09 15:29 - 000676992 _____ () [File not signed] C:\Program Files\OpenVPN\bin\openvpn-gui.exe
2018-12-05 03:12 - 2018-12-05 03:12 - 000413696 _____ () [File not signed] C:\Program Files\Serviio\bin\ServiioService.exe
2018-05-17 10:07 - 2018-05-17 10:07 - 000087552 _____ () [File not signed] C:\Windows\system32\SSDEVM64.DLL
2019-02-18 20:55 - 2019-02-18 20:55 - 000055296 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\cs_cz\Adobe Send\SendAsLinkAddin.CZE
2017-12-27 05:54 - 2017-12-27 05:54 - 000851456 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiacm64.dll
2017-12-27 05:55 - 2017-12-27 05:55 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiamcsy.dll
2019-04-03 23:55 - 2019-04-03 23:55 - 003441664 _____ (Don HO don.h@free.fr) [File not signed] C:\Program Files\Notepad++\notepad++.exe
2019-03-06 04:16 - 2019-03-06 04:16 - 000113152 _____ (Don HO don.h@free.fr) [File not signed] C:\Program Files\Notepad++\plugins\mimeTools\mimeTools.dll
2009-09-16 19:44 - 2009-09-16 19:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hptcpmib.dll
2009-09-16 19:45 - 2009-09-16 19:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\HpTcpMon.dll
2009-09-16 12:44 - 2009-09-16 12:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hpzjrd01.dll
2009-09-16 19:45 - 2009-09-16 19:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\HPTcpMUI.dll
2018-08-26 19:28 - 2018-08-26 19:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2018-08-26 19:28 - 2018-08-26 19:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2019-06-03 14:02 - 000004625 _____ C:\Windows\system32\drivers\etc\hosts

There are 88 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\GtkSharp\2.12\bin;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Program Files\PuTTY\;C:\PROGRA~2\IBM\CLIENT~1;C:\PROGRA~2\IBM\CLIENT~1\Shared;C:\PROGRA~2\IBM\CLIENT~1\Emulator;
HKU\S-1-5-21-3611739075-2051146931-771507770-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-3611739075-2051146931-771507770-1001\...\StartupApproved\StartupFolder: => "Lingea Update Center.lnk"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{873AD111-02D1-439D-92FB-A72170C0F8A9}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B620B035-0D50-4EAC-A99E-A3EBCD498B99}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{D4D7146C-B0B3-4B86-84D6-2F64D1338A4F}C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe No File
FirewallRules: [UDP Query User{7C3FB012-56E5-4E30-A7ED-21B190EB9E89}C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe No File
FirewallRules: [TCP Query User{3490C4A8-B398-472C-A69C-DC75E1CD56BF}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [UDP Query User{0A366A7C-F57E-4542-88BD-52F3914BE9B8}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [{9D4FC888-FDA8-4817-BEDC-A7A611B627E9}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{BBD482AE-6585-4E35-9871-2FF2604BFC37}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{F49F621B-DA85-4CB8-A412-44D360C96998}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe (HP Inc. -> )
FirewallRules: [{58B9FBD9-1A02-47D8-86B0-EF12BAAC8E91}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (HP Inc. -> HP Printing Korea Co., Ltd.)
FirewallRules: [{A8AFCD1E-CB21-4F66-AB57-1CD9EF7E70AA}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe (HP Inc. -> HP Printing Korea Co., Ltd.)
FirewallRules: [{849F8CC7-B823-4547-868C-7276F9E91448}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe (HP Inc. -> )
FirewallRules: [{02B30D7A-43CB-4F6A-9C40-299B162DF8F2}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{A4E585ED-1179-4DC8-A1E5-00BBA3A97CAD}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe (HP Inc. -> )
FirewallRules: [{EC18F5D8-6220-4392-8A64-0C1932070335}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe (HP Inc. -> )
FirewallRules: [{22986DE2-C8E6-47B0-B232-DEA87BF52BC2}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (HP Inc. -> )
FirewallRules: [{3FC9DEBF-673C-437F-88E6-D6D9D3226C8F}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (HP Inc. -> )
FirewallRules: [{7A993EE8-3FD8-4113-9464-462B097F4C81}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{46813B59-BC0B-47F8-91C3-1338331CA7DA}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{0290D131-66F7-4B0C-B192-057C229341F7}] => (Allow) C:\Program Files (x86)\Samsung Easy Color Manager\Samsung Easy Color Manager.exe (Samsung Electronics CO., LTD. -> Samsung)
FirewallRules: [TCP Query User{4C3A7515-6336-4078-89D7-56E2519917D9}C:\programdata\sony mobile\update engine\{0d4c939f-ca39-49bb-9949-3d1f83a2c749}\sony mobile update engine.exe] => (Allow) C:\programdata\sony mobile\update engine\{0d4c939f-ca39-49bb-9949-3d1f83a2c749}\sony mobile update engine.exe No File
FirewallRules: [UDP Query User{EF827B4F-6F71-4122-B389-C2FAB1817FEA}C:\programdata\sony mobile\update engine\{0d4c939f-ca39-49bb-9949-3d1f83a2c749}\sony mobile update engine.exe] => (Allow) C:\programdata\sony mobile\update engine\{0d4c939f-ca39-49bb-9949-3d1f83a2c749}\sony mobile update engine.exe No File
FirewallRules: [{B0D2328F-2D12-4ED7-8D4D-2436E739F82D}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe No File
FirewallRules: [{F243D72B-A342-4691-8C1F-623B164AAC0F}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe No File
FirewallRules: [{EF8B069A-7E9A-4799-858D-C17CFDA380B8}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe No File
FirewallRules: [{4E2B5E30-FCC4-44CD-BBFA-05B8FA9B5B84}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe No File
FirewallRules: [{8A1390E2-FB17-454F-884E-1A7A685BA586}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\syst\luc.exe No File
FirewallRules: [{02265B4F-339E-4720-B226-7D344E591896}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\syst\luc.exe No File
FirewallRules: [{E14EF38F-9262-40D2-9A91-95713A5894E8}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\syst\luc.exe No File
FirewallRules: [{D6693046-F634-44C8-9D14-985B77E5F1AA}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\syst\luc.exe No File
FirewallRules: [{1A605FC6-3B00-432A-8EBD-456E60844D29}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\LexWin.exe No File
FirewallRules: [{91A879E2-6E77-493E-807E-463B398B35C2}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\LexWin.exe No File
FirewallRules: [{DA087A88-C70C-4BC0-B3F8-853B07FAA106}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\LexWin.exe No File
FirewallRules: [{3409BC20-2D70-4FBC-96B2-3CDD5F77BE8C}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\LexWin.exe No File
FirewallRules: [{D4869629-4ACF-4139-A000-9C3193BB50DF}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\Lexicon.exe No File
FirewallRules: [{460E1AE8-8185-4BBC-95CE-98419462C175}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\Lexicon.exe No File
FirewallRules: [{5DEF61D2-68B8-4682-8CC8-753F9C21C0D0}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\Lexicon.exe No File
FirewallRules: [{50A48826-A0E5-4E9D-94CD-83C4192A64AC}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\Lexicon.exe No File
FirewallRules: [{469440CF-A210-42B4-BF6F-EBE45BF9F827}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\Setup.exe No File
FirewallRules: [{C1774007-E191-449F-AD8F-B42E3DC59596}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\Setup.exe No File
FirewallRules: [{F97C67E3-7BAD-4B65-9613-19D3153F1B6C}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\Setup.exe No File
FirewallRules: [{7748B54D-FB1C-447F-AE3A-D1A82F3793DF}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\Setup.exe No File
FirewallRules: [TCP Query User{3A232EC6-93E1-4E67-85B6-FC8E4B47106F}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{1E5FCB6F-32A4-4E95-8686-68E2FD912BAD}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{451FAA71-012C-45CA-AAEA-8620033027FF}C:\program files (x86)\common files\scan process machine\imageeng.exe] => (Allow) C:\program files (x86)\common files\scan process machine\imageeng.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [UDP Query User{DFBC5B0A-BE7C-44E0-8963-729CC9EE06D7}C:\program files (x86)\common files\scan process machine\imageeng.exe] => (Allow) C:\program files (x86)\common files\scan process machine\imageeng.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [TCP Query User{06EB8EA0-CBFF-4C6E-B283-E46B18C962AE}C:\program files\common files\common desktop agent\cdasrv.exe] => (Block) C:\program files\common files\common desktop agent\cdasrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [UDP Query User{91D46341-5CD2-419F-838B-071F6A64091C}C:\program files\common files\common desktop agent\cdasrv.exe] => (Block) C:\program files\common files\common desktop agent\cdasrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{4D980459-1368-4537-BC2B-0107F2A4B55A}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe () [File not signed]
FirewallRules: [{17808EDE-E5FC-433A-86FA-A24CDAA63F3D}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe () [File not signed]
FirewallRules: [{C7144189-69C5-4F55-B841-BDB763814E8E}] => (Allow) C:\Program Files\Serviio\console\ServiioConsole.exe (Six Lines Ltd) [File not signed]
FirewallRules: [{F979F4B8-4E1D-4318-BE21-570EB1FB6A3E}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe (GoPro Media, Inc. -> )
FirewallRules: [{12A2E6D2-C871-4C00-9D4E-96D23123C76F}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe (GoPro Media, Inc. -> )
FirewallRules: [{A5869D4C-3384-488B-A683-38E6EF69C7BF}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe (GoPro Media, Inc. -> )
FirewallRules: [{98D102B7-A740-4AF8-9D17-5E2BD057311B}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe (GoPro Media, Inc. -> )
FirewallRules: [TCP Query User{801ADA38-4D8D-413B-8CE1-3DEDC67E5FDD}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{00F8E3EF-3EDA-4EA0-B1B0-02119814810B}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{0272BFBF-3EE0-40A2-B887-C8F8027A56D1}C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe No File
FirewallRules: [UDP Query User{59F6D10B-11A0-4BAC-9DCE-BC075DD4AB19}C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe No File
FirewallRules: [{DCF865DF-3E65-4014-90AB-03A7732E129A}] => (Allow) LPort=1688
FirewallRules: [{47EC36E9-598C-4B44-A1A5-BECC6B1AE200}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{CE59A1E8-29CB-4CA6-9CC4-6851E70C567C}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{CBEBDF77-C5B5-4981-962A-FF3B221CD53C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{1E568553-A0E0-476F-AB67-982E80FB34DD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{B5FAF719-2874-47F0-AF79-8A69186C8C57}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{413CC7AB-14B0-4903-BC7D-E95F5A7923DA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{CAF39ECB-A16C-44FE-8AFD-631D378F048D}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe No File
FirewallRules: [TCP Query User{BF9252D2-2386-49C6-8107-E6538B3B7874}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe No File
FirewallRules: [UDP Query User{AD532FB1-F980-4085-8972-157115F6BC2B}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe No File
FirewallRules: [{0E2C00DA-D80C-4563-9DF1-A8B9133C534E}] => (Allow) C:\Program Files\Unity\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [{03D0E675-958F-4558-A2BE-6F268775E871}] => (Block) C:\Program Files\Unity\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [{176CE030-3305-4F7D-89B1-EEAACD58C8AA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A9852750-5951-42B2-891B-57143366B792}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

25-05-2019 18:23:31 Naplánovaný kontrolní bod
02-06-2019 18:53:25 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/05/2019 01:52:51 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:

Error: (06/03/2019 01:53:55 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_fb42a1a930655896.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_42efd88044e1819c.manifest.

Error: (06/03/2019 01:52:49 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_fb42a1a930655896.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_42efd88044e1819c.manifest.

Error: (06/03/2019 01:52:47 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_fb42a1a930655896.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_42efd88044e1819c.manifest.

Error: (06/03/2019 01:52:26 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_fb42a1a930655896.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_42efd88044e1819c.manifest.

Error: (06/03/2019 01:52:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_fb42a1a930655896.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_42efd88044e1819c.manifest.

Error: (06/03/2019 01:52:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_fb42a1a930655896.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_42efd88044e1819c.manifest.

Error: (06/03/2019 01:48:37 PM) (Source: MsiInstaller) (EventID: 11305) (User: LENOVO-MARTIN)
Description: Produkt: Adobe Acrobat DC -- Chyba 1305.Chyba čtení ze souboru C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Multimedia Skins\Players\AudioPlayer.swf. Zkontrolujte, zda soubor existuje a zda je pro vás přístupný.


System errors:
=============
Error: (06/05/2019 01:56:53 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-MARTIN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LENOVO-MARTIN\mrmar (SID: S-1-5-21-3611739075-2051146931-771507770-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/05/2019 01:52:57 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-MARTIN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LENOVO-MARTIN\mrmar (SID: S-1-5-21-3611739075-2051146931-771507770-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/05/2019 12:06:35 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-MARTIN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LENOVO-MARTIN\mrmar (SID: S-1-5-21-3611739075-2051146931-771507770-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/05/2019 12:05:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/05/2019 12:05:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/05/2019 12:05:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/04/2019 04:05:44 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-MARTIN)
Description: Server {7160A13D-73DA-4CEA-95B9-37356478588A} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/04/2019 04:05:44 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-MARTIN)
Description: Server {7160A13D-73DA-4CEA-95B9-37356478588A} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2019-06-03 13:44:50.184
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_G:\adobe\Adobe Acrobat Pro 20035 x86x64 Final CZ+SK+HU 2018!\KEYGEN!.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: LENOVO-MARTIN\mrmar
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.293.2791.0, AS: 1.293.2791.0, NIS: 1.293.2791.0
Verze modulu: AM: 1.1.15900.4, NIS: 1.1.15900.4

Date: 2019-06-03 13:44:17.480
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_G:\adobe\Adobe Acrobat Pro 20035 x86x64 Final CZ+SK+HU 2018!\KEYGEN!.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: LENOVO-MARTIN\mrmar
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.293.2791.0, AS: 1.293.2791.0, NIS: 1.293.2791.0
Verze modulu: AM: 1.1.15900.4, NIS: 1.1.15900.4

Date: 2019-06-02 18:27:13.265
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {89BE2A41-033A-4858-BEAE-A45ED143BB0D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-06-01 18:35:15.526
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {91C74553-65DD-46DE-9124-97F21E35D4F5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-06-01 17:36:31.181
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {06874A7E-0AAD-4168-9766-F822196D6AD7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-04-25 09:52:36.825
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.291.2116.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15800.1
Kód chyby: 0x8024402c
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-02-28 19:22:02.728
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o obnovení položky z karantény.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:MSIL/AutoKMS
ID: 2147711767
Závažnost: Vysoké
Kategorie: Nástroj
Uživatel: LENOVO-MARTIN\mrmar
Kód chyby: 0x80508014
Popis chyby: Položku v karanténě nelze obnovit.
Verze podpisu: AV: 1.291.384.0, AS: 1.291.384.0
Verze modulu: 1.1.15800.1

Date: 2019-02-28 19:21:50.074
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o obnovení položky z karantény.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:MSIL/AutoKMS
ID: 2147711767
Závažnost: Vysoké
Kategorie: Nástroj
Uživatel: LENOVO-MARTIN\mrmar
Kód chyby: 0x80508014
Popis chyby: Položku v karanténě nelze obnovit.
Verze podpisu: AV: 1.291.384.0, AS: 1.291.384.0
Verze modulu: 1.1.15800.1

Date: 2019-03-26 10:01:14.459
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.291.223.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15800.1
Kód chyby: 0x8024402c
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-03-24 12:10:46.045
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.291.137.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15800.1
Kód chyby: 0x8024402c
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2019-06-05 14:19:24.348
Description:
Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-06-05 14:19:24.272
Description:
Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-06-05 14:19:24.178
Description:
Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-06-05 14:19:24.117
Description:
Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-06-05 14:19:23.946
Description:
Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-06-05 14:19:23.851
Description:
Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-06-05 14:19:23.756
Description:
Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-06-05 14:19:23.638
Description:
Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes.

==================== Memory info ===========================

BIOS: LENOVO J5ET63WW (1.34 ) 09/26/2018
Motherboard: LENOVO 20DF004UMC
Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 62%
Total physical RAM: 7926.18 MB
Available physical RAM: 2982.33 MB
Total Virtual: 13302.18 MB
Available Virtual: 4256.17 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:857.94 GB) (Free:718.61 GB) NTFS

\\?\Volume{1c499feb-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 953.9 GB) (Disk ID: 1C499FEB)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=857.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
Lenovo IdeaPad S540-15IWL - version 81SW000VCK

jaro3
Security team member
Guru Level 15
Posts: 43054
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Log check - Adware chrome

Post by jaro3 » 05 Jun 2019 18:39

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator"), click "Scan", and after the scan click "Clean".

The program will perform the repair; after the automatic restart, click "Log file" and then double-click the corresponding log (C:\AdwCleaner [C?].txt) and paste its entire contents here.

Download Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear and be saved on the desktop.
Please copy its entire contents here.


- Run Malwarebytes' Anti-Malware again and choose Scan Now
- when the program has finished, a message will appear; click "Quarantine all (delete selected)" and then "Export log" and choose "text file", give the file a name and save it somewhere. Copy the entire contents of that log here.

Sophos Virus Removal Tool is a handy software tool that could remove infections that your antivirus program does not detect.
Download it here from one of the links:
http://www.majorgeeks.com/files/details ... _tool.html
http://www.majorgeeks.com/mg/get/sophos ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html

Viruses can slow down your computer or try to steal your data without you even knowing you have them. What you need is a quick and easy way to find them and get rid of them. If you already have an antivirus program installed on your computer, you can also install Sophos Virus Removal Tool, which identifies and cleans up remaining infections that your antivirus program may have missed.
To use Sophos Virus Removal Tool, double-click it and press the "Start scanning" button. Sophos Virus Removal Tool will then search for and remove any viruses it finds. A restart may be required.
If viruses were found, then after the scan click "Details…" and then "View log file". Copy the whole log and paste it here. Then close "threat detail" and click "Start cleanup".
Otherwise, the log is located here:
C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs

Download RogueKiller by Adlice Software
32-bit:
http://www.adlice.com/download/roguekil ... HlwZT14ODY
64-bit:
http://www.adlice.com/download/roguekil ... HlwZT14NjQ
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, 8, 10, run RogueKiller.exe as administrator; on XP, by double-clicking.
- Click "Start Scan". In the new window, change nothing and click "Start Scan" at the bottom.
- The program scans the PC's processes. After the scan, click "Open Report", then in the window click "Open TXT" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If the program still will not start and work, rename it to winlogon.exe.
- If the log is longer than 60,000 characters, split it and post it in several posts.

More links:
http://www.adlice.com/download/roguekiller/
http://www.bleepingcomputer.com/download/roguekiller/
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.

Martinor
Level 3
Posts: 437
Registered: November 06
Location: Brno
Gender: Male
Status: Offline

Re: Log check - Adware chrome

Post by Martinor » 05 Jun 2019 20:50

OK, thanks. As I work through it now, I'll send it in bit by bit; there's a character limit anyway, so it can't be posted in one post :)

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-05-2019
# Duration: 00:00:02
# OS: Windows 10 Pro
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted Pulse
Deleted Pulse

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1289 octets] - [05/06/2019 20:46:33]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Martinor
Level 3
Posts: 437
Registered: November 06
Location: Brno
Gender: Male
Status: Offline

Re: Log check - Adware chrome

Post by Martinor » 05 Jun 2019 21:06

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by mrmar (Administrator) on 05.06.2019 at 20:52:46,29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 2

Successfully deleted: C:\Users\mrmar\AppData\Local\pdfforge (Folder)
Successfully deleted: C:\Windows\system32\Tasks\Lenovo Power Management Driver PnP Task (Task)



Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Free Download Manager (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.06.2019 at 20:58:11,77
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Martinor
Level 3
Posts: 437
Registered: November 06
Location: Brno
Gender: Male
Status: Offline

Re: Log check - Adware chrome

Post by Martinor » 05 Jun 2019 21:22

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 05.06.19
Čas skenování: 21:18
Logovací soubor: a97a6b3c-87c6-11e9-8546-68f728cf0bc1.json

-Informace o softwaru-
Verze: 3.7.1.2839
Verze komponentů: 1.0.586
Aktualizovat verzi balíku komponent: 1.0.10914
Licence: Bezplatný

-Systémová informace-
OS: Windows 10 (Build 17134.765)
CPU: x64
Systém souborů: NTFS
Uživatel: LENOVO-MARTIN\mrmar

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 297410
Zjištěné hrozby: 63
Hrozby umístěné do karantény: 63
Uplynulý čas: 3 min, 53 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 1
PUP.Optional.MailRu, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\beliehdniadoecbonbhlcgbdldccfigp, V karanténě, [250], [678404],1.0.10914

Hodnota v registru: 2
PUP.Optional.MailRu, HKU\S-1-5-21-3611739075-2051146931-771507770-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|BELIEHDNIADOECBONBHLCGBDLDCCFIGP, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, HKU\S-1-5-21-3611739075-2051146931-771507770-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Profile 2\extensions.settings|BELIEHDNIADOECBONBHLCGBDLDCCFIGP, V karanténě, [250], [678404],1.0.10914

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 12
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_locales\en, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_locales\ru, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\img, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\icons, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_metadata, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_locales, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\USERS\MRMAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 2\Extensions\BELIEHDNIADOECBONBHLCGBDLDCCFIGP, V karanténě, [250], [678404],1.0.10914

Soubor: 48
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\img\loaded-empty.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources\currency-arrow-dark-up.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources\currency-arrow-light-down.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources\currency-arrow-light-up.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources\drag-arrows.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources\search-cancel-button.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\add-128.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\add-16.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\add-32.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\add-48.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\added-128.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\added-16.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\added-32.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\added-48.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\disabled-128.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\disabled-16.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\disabled-32.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\disabled-48.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\icons\icon-128.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\icons\icon-16.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\icons\icon-32.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\icons\icon-48.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\black-cross.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\spinner.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\trash.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\white-cross.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_locales\en\messages.json, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_locales\ru\messages.json, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_metadata\verified_contents.json, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\page-script.js, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\app.bundle.css, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\app.bundle.js, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\background.bundle.css, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\background.bundle.js, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\background.html, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\context_mailru-plugin.js, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\manifest.json, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\page-script.css, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\prerender.js, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\vendors~app.bundle.css, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\vendors~app.bundle.js, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\vendors~app.bundle~background.bundle.css, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\vendors~app.bundle~background.bundle.js, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\vendors~background.bundle.js, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\visual-bookmarks.html, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\USERS\MRMAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Nahrazen, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\USERS\MRMAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 2\Preferences, Nahrazen, [250], [678404],1.0.10914
Generic.Malware/Suspicious, C:\PROGRAMDATA\KMSAUTOS\BIN\TUNMIRROR2.EXE, V karanténě, [0], [392686],1.0.10914

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)
Lenovo IdeaPad S540-15IWL - version 81SW000VCK

jaro3
Security team member
Guru Level 15
Posts: 43054
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Log check - Chrome adware

Post by jaro3 » 05 Jun 2019 22:56

The next one as well.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

