Log check - Adware in Chrome [Solved]


Post by Martinor » 01 Apr 2019 11:16

Hello,

adware keeps popping up in my Chrome: ads that don't belong there, plus pop-up windows. Please advise. Thank you.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:15:31, on 01.04.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\mrmar\Downloads\Programs\HijackThis.exe
C:\Users\mrmar\Downloads\Programs\HijackThis2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll
O2 - BHO: PDF Architect 6 Helper - {9FD094B1-A4BF-415A-82AE-8C2845D0B769} - C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-helper.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: PDF Architect 6 Toolbar - {E8536605-CA24-4DFF-B1BC-316EE27F6DF7} - C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-plugin.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe" --minimized
O4 - HKCU\..\Run: [XperiaCompanionAgent] "C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\RunOnce: [Application Restart #1] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --restore-last-session --flag-switches-begin --flag-switches-end --flag-switches-begin --flag-switches-end --flag-switches-begin --flag-switches-end --flag-switches-begin --flag-switches-end
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{9b4170e7-c452-432b-b634-32aa00a592f8}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @oem8.inf,%HidMonitor.SvcDisp%;Alps HID Monitor Service (ApHidMonitorService) - Alps Electric Co., Ltd. - C:\Program Files\Apoint2K\HidMonitorSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.86\elevation_service.exe
O23 - Service: GoPro Device Detection Service (GoProDeviceDetectionService) - Unknown owner - C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem53.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\System32\ibmpmsvc.exe (file missing)
O23 - Service: @oem2.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\Windows\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyResume Service (Lenovo Instant On) - Lenovo Group Limited - C:\Windows\SysWOW64\Lenovo\PowerMgr\EasyResume.exe
O23 - Service: @oem53.inf,%Lenovo.svcDesc1%;Lenovo Platform Service (LPlatSvc) - Unknown owner - C:\Windows\System32\LPlatSvc.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Architect 6 - pdfforge GmbH - C:\Program Files\PDF Architect 6\ws.exe
O23 - Service: PDF Architect 6 Creator - pdfforge GmbH - C:\Program Files\PDF Architect 6\creator\common\creator-ws.exe
O23 - Service: PDF Architect 6 Update Service - pdfforge GmbH - C:\Program Files\PDF Architect 6\updater-ws.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: Razer Chroma SDK Server - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
O23 - Service: Razer Chroma SDK Service - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
O23 - Service: RemoteMouseService - Unknown owner - C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung RAPID Mode Service (SamsungRapidSvc) - Unknown owner - C:\Windows\system32\RAPID\SamsungRapidSvc.exe (file missing)
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\Windows\SysWOW64\SecUPDUtilSvc.exe
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: Serviio - Unknown owner - C:\Program Files\Serviio\bin\ServiioService.exe
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: TeamViewer 14 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_7ed9406f9c73fd1f\driver\TPHKLOAD.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\Windows\system32\xbgmsvc.exe (file missing)
O23 - Service: Služba Xperia Companion (XperiaCompanionService) - Sony - C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe

--
End of file - 15546 bytes


Lenovo E550


Post by jaro3 (Security team member) » 01 Apr 2019 19:04

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can delete the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also delete Windows temporary files, empty the Recycle Bin, etc.
- If you use only Google Chrome, you don't need to use ATF.


Download TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it doesn't, restart it yourself.

Download AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/
http://www.adlice.com/downloadprogress/

Save it to your desktop. Click "I agree" to accept the terms.
Close all programs, windows and browsers.
Run the program by double-clicking it and click "Scan".
After the scan a log appears and opens (otherwise it is saved on the system drive as C:\AdwCleaner [C?].txt); paste its entire contents here.

Download Malwarebytes' Anti-Malware to your desktop, install it and run it.
- If the program is not up to date, click "Update now" or "Fix now".
- An update will be found and installed.
- Then click Start scan.
- When the scan finishes, a message appears at the bottom right; click View report, choose Export, then Copy to clipboard, and paste the whole log here. Or click "Text file (.txt)" and save the log.
- Otherwise the log can be found in the program by clicking "Reports", or it is saved here: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs

- Then click the Finish button and close the program with the cross at the top right.
(Don't delete anything yet!)
If there are problems, run it in safe mode.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!

Post by Diallix » 04 Apr 2019 07:17

After carrying out the steps above, please also do the following:


- Download the FRST tool, 32-bit or 64-bit according to your system, from here: https://www.bleepingcomputer.com/downlo ... scan-tool/
- Save FRST to your desktop.
- Run FRST and, in the Whitelist box, tick the checkboxes Registry, Services, Drivers, Processes, Internet, and in the Optional Scan box tick Addition.txt.
- Continue with the Scan button.
- The scan will start; it may take a while.
- After the scan, paste the logs here: FRST + ADDITION

Post by Martinor » 05 Jun 2019 14:28

Hello,
sorry for the delay; the requested logs are attached below.

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 06-05-2019
# Duration: 00:00:17
# OS: Windows 10 Pro
# Scanned: 27501
# Detected: 2


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Mail.Ru Pulse
PUP.Optional.Mail.Ru Pulse

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [2363 octets] - [26/03/2019 19:38:40]
AdwCleaner[C00].txt - [2305 octets] - [26/03/2019 19:39:05]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########


Malwarebytes

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 05.06.19
Čas skenování: 14:17
Logovací soubor: e0b63044-878b-11e9-8103-68f728cf0bc1.json

-Informace o softwaru-
Verze: 3.7.1.2839
Verze komponentů: 1.0.586
Aktualizovat verzi balíku komponent: 1.0.10910
Licence: Bezplatný

-Systémová informace-
OS: Windows 10 (Build 17134.765)
CPU: x64
Systém souborů: NTFS
Uživatel: LENOVO-MARTIN\mrmar

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 294656
Zjištěné hrozby: 64
Hrozby umístěné do karantény: 0
Uplynulý čas: 4 min, 11 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 1
PUP.Optional.MailRu, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\beliehdniadoecbonbhlcgbdldccfigp, Žádná uživatelská akce, [250], [678404],1.0.10910

Hodnota v registru: 2
PUP.Optional.MailRu, HKU\S-1-5-21-3611739075-2051146931-771507770-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|BELIEHDNIADOECBONBHLCGBDLDCCFIGP, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, HKU\S-1-5-21-3611739075-2051146931-771507770-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Profile 2\extensions.settings|BELIEHDNIADOECBONBHLCGBDLDCCFIGP, Žádná uživatelská akce, [250], [678404],1.0.10910

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 12
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_locales\en, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_locales\ru, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\img, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\icons, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_metadata, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_locales, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\USERS\MRMAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 2\Extensions\BELIEHDNIADOECBONBHLCGBDLDCCFIGP, Žádná uživatelská akce, [250], [678404],1.0.10910

Soubor: 49
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\img\loaded-empty.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources\currency-arrow-dark-up.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources\currency-arrow-light-down.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources\currency-arrow-light-up.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources\drag-arrows.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources\search-cancel-button.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\add-128.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\add-16.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\add-32.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\add-48.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\added-128.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\added-16.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\added-32.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\added-48.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\disabled-128.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\disabled-16.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\disabled-32.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\disabled-48.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\icons\icon-128.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\icons\icon-16.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\icons\icon-32.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\icons\icon-48.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\black-cross.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\spinner.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\trash.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\white-cross.png, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_locales\en\messages.json, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_locales\ru\messages.json, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_metadata\verified_contents.json, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\page-script.js, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\app.bundle.css, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\app.bundle.js, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\background.bundle.css, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\background.bundle.js, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\background.html, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\context_mailru-plugin.js, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\manifest.json, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\page-script.css, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\prerender.js, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\vendors~app.bundle.css, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\vendors~app.bundle.js, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\vendors~app.bundle~background.bundle.css, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\vendors~app.bundle~background.bundle.js, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\vendors~background.bundle.js, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\visual-bookmarks.html, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\USERS\MRMAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\USERS\MRMAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 2\Secure Preferences, Žádná uživatelská akce, [250], [678404],1.0.10910
PUP.Optional.MailRu, C:\USERS\MRMAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 2\Preferences, Žádná uživatelská akce, [250], [678404],1.0.10910
Generic.Malware/Suspicious, C:\PROGRAMDATA\KMSAUTOS\BIN\TUNMIRROR2.EXE, Žádná uživatelská akce, [0], [392686],1.0.10910

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)
Lenovo E550

Re: Log check - Adware chrome

Post by Martinor » 05 Jun 2019 14:29

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-06-2019
Ran by mrmar (administrator) on LENOVO-MARTIN (LENOVO 20DF004UMC) (05-06-2019 14:23:16)
Running from C:\Users\mrmar\Downloads\Programs
Loaded Profiles: mrmar (Available Profiles: mrmar)
Platform: Windows 10 Pro Version 1803 17134.765 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\OpenVPN\bin\openvpn-gui.exe
() [File not signed] C:\Program Files\Serviio\bin\ServiioService.exe
() [File not signed] C:\Program Files\Serviio\bin\ServiioService.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Don HO don.h@free.fr) [File not signed] C:\Program Files\Notepad++\notepad++.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(GoPro Media, Inc. -> ) C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_7ed9406f9c73fd1f\driver\shtctky.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_7ed9406f9c73fd1f\driver\tphkload.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\SysWOW64\Lenovo\PowerMgr\EasyResume.exe
(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.6.73.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11905.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\NisSrv.exe
(OpenVPN Technologies, Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [123488 2017-11-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [openvpn-gui] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [676992 2018-08-09] () [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Client Access Service] => C:\Program Files (x86)\IBM\Client Access\cwbsvstr.exe [24627 2007-03-12] (IBM Corporation) [File not signed]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [4810224 2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3611739075-2051146931-771507770-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4068464 2019-05-18] (Tonec Inc. -> Tonec Inc.)
HKU\S-1-5-21-3611739075-2051146931-771507770-1001\...\Run: [Free Download Manager] => "C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe" --minimized
HKU\S-1-5-21-3611739075-2051146931-771507770-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46506040 2019-04-09] (Google LLC -> )
HKU\S-1-5-21-3611739075-2051146931-771507770-1001\...\MountPoints2: {04d93a52-a927-11e8-ba0d-806e6f6e6963} - "D:\TomoConLite.exe"
HKU\S-1-5-21-3611739075-2051146931-771507770-1001\...\MountPoints2: {0cbbd0f0-aa06-11e8-ba12-34e6ad499d81} - "E:\.autorun\autorun.exe"
HKU\S-1-5-21-3611739075-2051146931-771507770-1001\...\MountPoints2: {a593fbdf-0088-11e9-ba30-34e6ad499d81} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.80\Installer\chrmstp.exe [2019-06-05] (Google LLC -> Google LLC)
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1F7C7403-8C8B-42CD-BF76-8DC1A68B5C89} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6364808 2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {25E9D19B-8DEA-404D-A20C-24682DFF29A9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {279B1ECB-A421-45DE-9CA6-5B2625C51E3A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {28FFD7F0-98EA-422C-867F-8B9FC9415A5B} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [112312 2019-02-12] (Lenovo -> Lenovo)
Task: {3CDDA212-28E9-4B2C-992A-84917EFBB4ED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3D2694B4-9F17-47B8-A5E8-2E2276F4738D} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgrInst.exe [58552 2019-02-12] (Lenovo -> )
Task: {4789AC80-E39C-4C24-9119-4B53C9DE1B5C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209368 2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {495249E8-863C-46DB-903B-CC610CE06D2A} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-12-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {694DC9F7-3E73-4A26-BC81-4B0AAFBC1C62} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-26] (Google Inc -> Google Inc.)
Task: {6D258A89-56BE-4682-BF51-C84C43D7EBEE} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [10388872 2016-11-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {7C747D8A-2DE1-44CD-891B-50D7F7E94FA2} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758488 2019-01-25] (Lenovo -> )
Task: {87486B64-EFDE-4CC8-A681-6786045103FC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149520 2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {8D9DCB9A-1845-410D-BF22-C08C598C218F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {90C4B805-F8C3-4D37-989E-ED14F738F2F0} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209368 2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {918BF854-661F-4ED1-9CD0-025770F4D9EA} - System32\Tasks\RtsCM => C:\Windows\RtsCM64.exe [232216 2016-08-29] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
Task: {9EF2DA42-0282-492F-AACB-824EBEACA059} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758488 2019-01-25] (Lenovo -> )
Task: {A14202FA-DB2E-4B1B-8E91-7A99C4F22246} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166344 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {A527FA88-3BA1-4B43-91AF-DD39C436642A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-26] (Google Inc -> Google Inc.)
Task: {ADFA2E6B-D4C9-45CC-AB91-C28ED7245136} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1146048 2018-05-28] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {DE2F168D-ABF9-4673-B4E4-76C9DEADAFA1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166344 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF096369-92C9-489E-A37D-458ED1B9E6CD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E97F6D91-127E-4DEE-8BEB-31EA9C47E9CC} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149520 2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE327747-C732-4DED-A947-33EDD96A9525} - System32\Tasks\Lenovo Power Management Driver PnP Task => C:\Windows\System32\ibmpmsvc.exe [851800 2018-12-26] (Lenovo -> Lenovo.)
Task: {F42FBFCF-B529-4E77-9BE3-147CF098CC45} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6364808 2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {F5EA6204-15C2-4672-A8AE-23204A4D3596} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3611739075-2051146931-771507770-1001 => C:\Users\mrmar\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [122344 2019-04-04] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {F7ED1D5B-2DAB-441B-A503-B35533241224} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-mr.martinor@gmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{266a97a3-2088-4567-a7c5-87e86f060fac}: [DhcpNameServer] 172.20.1.185 172.20.1.190
Tcpip\..\Interfaces\{9b4170e7-c452-432b-b634-32aa00a592f8}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{9b4170e7-c452-432b-b634-32aa00a592f8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e1bfacbf-2a13-4116-aef3-dc02e35adef1}: [DhcpNameServer] 172.20.1.185 172.20.1.190

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3611739075-2051146931-771507770-1001 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2019-05-08] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2019-05-08] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-03-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll [2019-05-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-05-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-27] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
Edge Extension: (IDM Integration Module) -> EdgeExtension_TonecIncIDMIntegrationModule_e7b5mm5d3r6v2 => C:\Program Files\WindowsApps\TonecInc.IDMIntegrationModule_6.30.6.0_neutral__e7b5mm5d3r6v2 [2018-08-26]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-02-18]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKU\S-1-5-21-3611739075-2051146931-771507770-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\mrmar\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\mrmar\AppData\Roaming\IDM\idmmzcc5 [2018-08-26] [Legacy] [not signed]
FF HKU\S-1-5-21-3611739075-2051146931-771507770-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-05-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-05-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-05-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-03-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-18] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-18] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://www.google.com/"
CHR Profile: C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default [2019-06-05]
CHR Extension: (Google Translate) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-08-26]
CHR Extension: (Slides) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-26]
CHR Extension: (Docs) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-26]
CHR Extension: (Google Drive) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-26]
CHR Extension: (YouTube) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-26]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-21]
CHR Extension: (Plná Peněženka Lištička) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek [2019-02-07]
CHR Extension: (Samsung Internet) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\epejdmjgfibjaffbmojllapapjejipkh [2019-02-03]
CHR Extension: (Sheets) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-26]
CHR Extension: (Google Docs Offline) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-26]
CHR Extension: (AdBlock) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-05-28]
CHR Extension: (Google Play Music) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2018-08-26]
CHR Extension: (VratnePenize.cz Připomínáček) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiekfaemafmplemocgimeccahephhdgf [2019-01-11]
CHR Extension: (Grammarly for Chrome) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-06-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-04-01]
CHR Extension: (IDM Integration Module) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2019-05-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-26]
CHR Extension: (Gmail) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-05]
CHR Profile: C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2 [2019-06-03]
CHR Extension: (Slides) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-08]
CHR Extension: (Docs) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-08]
CHR Extension: (Google Drive) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-05-08]
CHR Extension: (IBM Security Rapport) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2019-05-08]
CHR Extension: (Pulse) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp [2019-05-08]
CHR Extension: (YouTube) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-08]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-05-08]
CHR Extension: (Adobe Acrobat) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-05-08]
CHR Extension: (Sheets) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-08]
CHR Extension: (Google Docs Offline) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-05-10]
CHR Extension: (FormApps Extension) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2019-05-08]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-05-08]
CHR Extension: (IDM Integration Module) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2019-05-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-05-08]
CHR Extension: (Gmail) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-08]
CHR Extension: (Chrome Media Router) - C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-27]
CHR Profile: C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\System Profile [2019-05-09]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-05-18]
CHR HKU\S-1-5-21-3611739075-2051146931-771507770-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3611739075-2051146931-771507770-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [beliehdniadoecbonbhlcgbdldccfigp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-05-18]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [561512 2018-01-24] (Advanced Micro Devices, Inc. -> AMD)
R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [105248 2016-08-08] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11145800 2019-05-22] (Microsoft Corporation -> Microsoft Corporation)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [38328 2018-08-31] (GoPro Media, Inc. -> )
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [541896 2018-05-10] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [370736 2018-09-18] (Intel Corporation -> Intel Corporation)
R2 Lenovo Instant On; C:\Windows\SysWOW64\Lenovo\PowerMgr\EasyResume.exe [2351288 2019-02-12] (Lenovo -> Lenovo Group Limited)
S2 LPlatSvc; C:\Windows\System32\LPlatSvc.exe [892760 2018-12-26] (Lenovo -> Lenovo.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S3 OpenVpnService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [15872 2018-08-09] ( ) [File not signed]
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [75392 2018-08-09] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [75392 2018-08-09] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [5274560 2019-04-15] (IBM -> IBM Corp.)
U2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [449664 2018-07-25] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [942720 2018-07-25] (Razer USA Ltd. -> Razer Inc.)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28768 2017-11-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [143664 2018-09-02] (Samsung Electronics CO., LTD. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [413696 2018-12-05] () [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11795800 2019-04-15] (TeamViewer GmbH -> TeamViewer GmbH)
R2 TPHKLOAD; C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_7ed9406f9c73fd1f\driver\TPHKLOAD.exe [424320 2018-11-05] (Lenovo -> Lenovo Group Limited)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\NisSrv.exe [2433136 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe [109896 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0323078.inf_amd64_5ba5615185ab6bc6\atikmdag.sys [36584288 2018-01-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0323078.inf_amd64_5ba5615185ab6bc6\atikmpag.sys [537440 2018-01-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [32384 2018-03-14] (Sony Mobile Communications AB -> Sony Mobile Communications)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [136720 2018-05-10] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [88256 2015-06-09] (Intel(R) Software -> Intel Corporation)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-06-05] (Malwarebytes Corporation -> Malwarebytes)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3530176 2018-03-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R0 PMDRVS; C:\Windows\System32\drivers\pmdrvs.sys [44160 2018-12-26] (Lenovo -> Lenovo.)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [503000 2019-04-15] (IBM -> IBM Corp.)
R1 RapportCerberus_1930415; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1930415.sys [1659544 2019-04-10] (IBM -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [727000 2019-04-15] (IBM -> IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [463408 2019-04-15] (IBM -> IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [610648 2019-04-15] (IBM -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [766616 2019-04-15] (IBM -> IBM Corp.)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [786688 2016-08-24] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3127576 2016-08-29] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [49136 2018-04-15] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_005c; C:\Windows\System32\drivers\RzDev_005c.sys [51696 2018-04-22] (Razer USA Ltd. -> Razer Inc)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [287360 2017-11-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [119424 2017-11-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2018-08-09] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [47496 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [337632 2019-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-06-05] (Microsoft Windows -> Microsoft Corporation)
U3 dmwappushsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Lenovo E550


Re: Log check - Adware in Chrome

Post by Martinor » 05 Jun 2019 14:29

FRST, part two


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-05 14:22 - 2019-06-05 14:23 - 000000000 ____D C:\FRST
2019-06-05 14:22 - 2019-06-05 14:22 - 000000000 ____D C:\Users\mrmar\AppData\Local\Comms
2019-06-05 14:15 - 2019-06-05 14:15 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-06-05 14:14 - 2019-06-05 14:14 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-06-05 14:14 - 2019-06-05 14:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-06-05 14:14 - 2019-06-05 14:14 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-06-05 14:14 - 2019-06-05 14:14 - 000000000 ____D C:\Program Files\Malwarebytes
2019-06-05 14:14 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2019-06-05 14:14 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-06-05 12:05 - 2019-06-05 12:05 - 000000000 ____D C:\Users\mrmar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TouchPad
2019-06-03 13:52 - 2019-06-03 14:14 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2019-06-03 13:52 - 2019-06-03 14:14 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2019-06-03 13:52 - 2019-06-03 13:52 - 000002091 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2019-06-01 18:19 - 2019-06-01 18:19 - 000770570 _____ C:\Users\mrmar\Downloads\calc075-flotily.xlsm
2019-05-31 10:55 - 2019-05-31 10:55 - 000376420 _____ C:\Users\mrmar\Desktop\flotila Rozsíval travel dodatek č.4 - připojištění.pdf
2019-05-31 10:51 - 2019-05-31 10:51 - 000222470 _____ C:\Users\mrmar\Downloads\flotila Rozsíval travel dodatek č.4 - připojištění.pdf
2019-05-30 17:49 - 2019-05-30 17:49 - 000000000 ____D C:\Users\mrmar\AppData\Roaming\IBM
2019-05-30 17:49 - 2019-05-30 17:49 - 000000000 ____D C:\ProgramData\IBM
2019-05-30 10:34 - 2019-05-30 10:34 - 000000000 ____D C:\Users\mrmar\Documents\IBM
2019-05-30 10:30 - 1998-10-29 16:45 - 000306688 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2019-05-30 10:29 - 2019-05-30 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM iSeries Access for Windows
2019-05-30 10:29 - 2019-05-30 10:29 - 000000000 ____D C:\Users\Public\Documents\IBM
2019-05-30 10:29 - 2007-03-12 05:40 - 001007666 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbcore.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000561203 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbuna4d.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000525339 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsofui.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000279109 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsof.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000262195 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbunpla.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000254001 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbobj.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000208944 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbdb.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000196657 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbjob.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000190343 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsocmn.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000188467 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsohwr.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000184371 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsoprf.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000172080 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbdc.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000172032 _____ C:\Windows\SysWOW64\cwbrw.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000167985 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsfl.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000155699 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbuncmn.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000139312 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbdq.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000127248 _____ (IBM Corporation) C:\Windows\SysWOW64\qxdaedrs.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000126976 _____ C:\Windows\cwbzip.exe
2019-05-30 10:29 - 2007-03-12 05:40 - 000106547 _____ (IBM Corporation) C:\Windows\SysWOW64\ca400cpl.cpl
2019-05-30 10:29 - 2007-03-12 05:40 - 000098353 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbprt.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000090163 _____ (IBM Corporation) C:\Windows\SysWOW64\bidiserv.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000081971 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbuncon.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000081970 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbbspc.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000073779 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsoltr.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000069683 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbunssl.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000069683 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsolet.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000069683 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbbsspi.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000069680 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbup.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000065586 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbmsgl.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000065584 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbrc.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000061491 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsoswp.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000057394 _____ (IBM Corporation) C:\Windows\cwbrest.exe
2019-05-30 10:29 - 2007-03-12 05:40 - 000053297 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbjbl.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000049202 _____ (IBM Corporation) C:\Windows\cwbback.exe
2019-05-30 10:29 - 2007-03-12 05:40 - 000045110 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbunpls.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000041011 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsotif.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000041011 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsosmp.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000041008 _____ (IBM Corporation) C:\Windows\SysWOW64\cwblm.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000036915 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsotca.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000036915 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsorte.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000032819 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbsoapi.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000032819 _____ (IBM Corporation) C:\Windows\cwbviewr.exe
2019-05-30 10:29 - 2007-03-12 05:40 - 000032817 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbad1.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000032816 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbdt.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000028723 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbuiutl.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000028723 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbdbfmt.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000028720 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbar.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000024630 _____ C:\Windows\SysWOW64\cwbunplp.exe
2019-05-30 10:29 - 2007-03-12 05:40 - 000024627 _____ (IBM Corporation) C:\Windows\SysWOW64\cwbuierr.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000024625 _____ (IBM Corporation) C:\Windows\rmtcmd.exe
2019-05-30 10:29 - 2007-03-12 05:40 - 000024576 _____ C:\Windows\SysWOW64\cwbsv.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000020531 _____ (IBM Corporation) C:\Windows\cwbunrse.exe
2019-05-30 10:29 - 2007-03-12 05:40 - 000020529 _____ C:\Windows\SysWOW64\cwbwiz.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000020480 _____ C:\Windows\SysWOW64\cwbsy.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000020480 _____ C:\Windows\SysWOW64\cwbnl.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000020480 _____ C:\Windows\SysWOW64\cwbco.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000016384 _____ C:\Windows\SysWOW64\cwbnldlg.dll
2019-05-30 10:29 - 2007-03-12 05:40 - 000016384 _____ C:\Windows\SysWOW64\cwbad.dll
2019-05-30 10:29 - 2005-10-19 05:40 - 000040960 _____ (IBM Corporation) C:\Windows\SysWOW64\pcmfcenu.dll
2019-05-30 10:28 - 2019-05-30 10:28 - 000000000 ____D C:\Program Files (x86)\IBM
2019-05-30 10:25 - 1998-11-13 11:58 - 000307200 _____ (InstallShield Software Corporation) C:\Windows\IsUn0405.exe
2019-05-30 10:19 - 2019-06-05 12:06 - 000000000 ____D C:\Users\mrmar\Documents\Soubory aplikace Outlook
2019-05-30 10:09 - 2019-05-30 10:09 - 000000000 ____D C:\Users\mrmar\OpenVPN
2019-05-30 10:09 - 2019-05-30 10:09 - 000000000 ____D C:\Program Files\OpenVPN
2019-05-26 14:33 - 2019-05-28 22:26 - 000000000 ____D C:\Users\mrmar\AppData\LocalLow\Mozilla
2019-05-26 14:33 - 2019-05-26 14:33 - 000000000 ____D C:\Users\mrmar\Desktop\Tor Browser
2019-05-18 13:08 - 2018-12-20 09:05 - 000229296 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2019-05-18 12:41 - 2019-05-18 12:41 - 000033127 _____ C:\Users\mrmar\Downloads\np0514.pdf
2019-05-18 12:20 - 2019-05-18 12:20 - 000158292 _____ C:\Users\mrmar\Downloads\np4816.pdf
2019-05-18 12:15 - 2019-05-03 13:51 - 003613696 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-05-18 12:15 - 2019-05-03 13:50 - 004054528 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-05-18 12:15 - 2019-05-03 13:28 - 002882048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-05-18 12:15 - 2019-05-03 08:36 - 001035256 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-05-18 12:15 - 2019-05-03 08:33 - 001219896 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-05-18 12:15 - 2019-05-03 08:33 - 001027384 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-05-18 12:15 - 2019-05-03 08:33 - 000709720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2019-05-18 12:15 - 2019-05-03 08:32 - 000793640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2019-05-18 12:15 - 2019-05-03 08:32 - 000170296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-05-18 12:15 - 2019-05-03 08:32 - 000164664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2019-05-18 12:15 - 2019-05-03 08:31 - 009084432 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-05-18 12:15 - 2019-05-03 08:31 - 007519888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-05-18 12:15 - 2019-05-03 08:31 - 007436536 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-05-18 12:15 - 2019-05-03 08:31 - 002811192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-05-18 12:15 - 2019-05-03 08:31 - 002771256 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-05-18 12:15 - 2019-05-03 08:31 - 001098064 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2019-05-18 12:15 - 2019-05-03 08:31 - 000412984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2019-05-18 12:15 - 2019-05-03 08:19 - 006043712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-05-18 12:15 - 2019-05-03 08:18 - 006569344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-18 12:15 - 2019-05-03 08:18 - 002258640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-05-18 12:15 - 2019-05-03 08:18 - 001130568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2019-05-18 12:15 - 2019-05-03 08:12 - 025855488 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-05-18 12:15 - 2019-05-03 08:10 - 022017024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-05-18 12:15 - 2019-05-03 08:05 - 022716416 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-05-18 12:15 - 2019-05-03 08:02 - 019401216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-05-18 12:15 - 2019-05-03 08:02 - 004866048 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-05-18 12:15 - 2019-05-03 08:01 - 008189440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-05-18 12:15 - 2019-05-03 08:00 - 006661632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-05-18 12:15 - 2019-05-03 08:00 - 003400192 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-05-18 12:15 - 2019-05-03 07:59 - 007593472 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-05-18 12:15 - 2019-05-03 07:59 - 005788672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-05-18 12:15 - 2019-05-03 07:59 - 003710976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-05-18 12:15 - 2019-05-03 07:59 - 001307648 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
2019-05-18 12:15 - 2019-05-03 07:59 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-05-18 12:15 - 2019-05-03 07:58 - 002175488 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-05-18 12:15 - 2019-05-03 07:58 - 000894464 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-05-18 12:15 - 2019-05-03 07:58 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-05-18 12:15 - 2019-05-03 07:57 - 001560576 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-05-18 12:15 - 2019-05-03 07:57 - 001549824 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-05-18 12:15 - 2019-05-03 07:57 - 001295872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2019-05-18 12:15 - 2019-05-03 07:57 - 000808448 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-05-18 12:15 - 2019-05-03 07:57 - 000608768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-05-18 12:15 - 2019-05-03 07:57 - 000561152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-05-18 12:15 - 2019-05-03 07:56 - 005350912 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-05-18 12:15 - 2019-05-03 07:56 - 001803776 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-05-18 12:15 - 2019-05-03 07:56 - 000578560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-05-18 12:15 - 2019-05-03 07:56 - 000333824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2019-05-18 12:15 - 2019-05-03 07:55 - 002166784 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-05-18 12:15 - 2019-05-03 07:54 - 004929024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-05-18 12:15 - 2019-05-03 07:54 - 001628672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-05-18 12:15 - 2019-05-03 07:54 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2019-05-18 12:15 - 2019-05-03 07:54 - 000776192 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-05-18 12:15 - 2019-05-03 07:54 - 000669184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-05-18 12:15 - 2019-05-03 07:54 - 000543744 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-05-18 12:15 - 2019-05-03 07:54 - 000535552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-05-18 12:15 - 2019-05-03 07:54 - 000507392 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2019-05-18 12:15 - 2019-05-03 07:54 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2019-05-18 12:15 - 2019-04-19 12:55 - 001634920 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-05-18 12:15 - 2019-04-19 12:39 - 012754944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-05-18 12:15 - 2019-04-19 12:36 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\AcGenral.dll
2019-05-18 12:15 - 2019-04-19 11:44 - 001454648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-05-18 12:15 - 2019-04-19 11:28 - 011940864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-05-18 12:15 - 2019-04-19 11:26 - 002405888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcGenral.dll
2019-05-18 12:15 - 2019-04-19 07:06 - 002571632 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-05-18 12:15 - 2019-04-19 07:01 - 001982008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-05-18 12:15 - 2019-04-19 06:42 - 004384256 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-05-18 12:15 - 2019-04-19 06:39 - 005307392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2019-05-18 12:15 - 2019-04-19 06:38 - 002368512 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-05-18 12:15 - 2019-04-19 06:38 - 000391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2019-05-18 12:15 - 2019-04-19 06:37 - 000953856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2019-05-18 12:15 - 2019-04-19 06:36 - 002909696 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-05-18 12:15 - 2019-04-19 06:35 - 001175552 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2019-05-18 12:15 - 2019-04-19 06:35 - 001156608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-05-18 12:14 - 2019-05-03 14:14 - 000790208 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2019-05-18 12:14 - 2019-05-03 14:14 - 000304144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssecflt.sys
2019-05-18 12:14 - 2019-05-03 14:13 - 001376472 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-05-18 12:14 - 2019-05-03 14:13 - 000396088 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-05-18 12:14 - 2019-05-03 13:55 - 000123392 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-05-18 12:14 - 2019-05-03 13:54 - 000177664 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-05-18 12:14 - 2019-05-03 13:52 - 000119808 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2019-05-18 12:14 - 2019-05-03 13:51 - 001364992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-05-18 12:14 - 2019-05-03 13:50 - 001663488 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-05-18 12:14 - 2019-05-03 13:49 - 001288704 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2019-05-18 12:14 - 2019-05-03 13:49 - 000488448 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-05-18 12:14 - 2019-05-03 13:49 - 000210944 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2019-05-18 12:14 - 2019-05-03 13:43 - 001027008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-05-18 12:14 - 2019-05-03 13:43 - 000662328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2019-05-18 12:14 - 2019-05-03 13:30 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-05-18 12:14 - 2019-05-03 13:30 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-05-18 12:14 - 2019-05-03 13:28 - 000089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2019-05-18 12:14 - 2019-05-03 13:27 - 000176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2019-05-18 12:14 - 2019-05-03 13:26 - 000425472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-05-18 12:14 - 2019-05-03 13:25 - 004055040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-05-18 12:14 - 2019-05-03 13:25 - 001471488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-05-18 12:14 - 2019-05-03 08:43 - 000177128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2019-05-18 12:14 - 2019-05-03 08:34 - 000159864 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-05-18 12:14 - 2019-05-03 08:33 - 005625152 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2019-05-18 12:14 - 2019-05-03 08:33 - 000568104 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-05-18 12:14 - 2019-05-03 08:33 - 000134968 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-05-18 12:14 - 2019-05-03 08:33 - 000076088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2019-05-18 12:14 - 2019-05-03 08:33 - 000063072 _____ (Microsoft Corporation) C:\Windows\system32\cryptdll.dll
2019-05-18 12:14 - 2019-05-03 08:32 - 000776784 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-05-18 12:14 - 2019-05-03 08:32 - 000493880 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-05-18 12:14 - 2019-05-03 08:32 - 000438984 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-05-18 12:14 - 2019-05-03 08:32 - 000209208 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-05-18 12:14 - 2019-05-03 08:31 - 001459328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-05-18 12:14 - 2019-05-03 08:31 - 001260480 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-05-18 12:14 - 2019-05-03 08:31 - 001141224 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-05-18 12:14 - 2019-05-03 08:31 - 000983632 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-05-18 12:14 - 2019-05-03 08:31 - 000545808 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-05-18 12:14 - 2019-05-03 08:31 - 000115728 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2019-05-18 12:14 - 2019-05-03 08:20 - 000434704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-05-18 12:14 - 2019-05-03 08:20 - 000384976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-05-18 12:14 - 2019-05-03 08:20 - 000192016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-05-18 12:14 - 2019-05-03 08:20 - 000146920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2019-05-18 12:14 - 2019-05-03 08:19 - 000665224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-05-18 12:14 - 2019-05-03 08:19 - 000056288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdll.dll
2019-05-18 12:14 - 2019-05-03 08:00 - 000120832 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-18 12:14 - 2019-05-03 08:00 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2019-05-18 12:14 - 2019-05-03 07:59 - 000514560 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-05-18 12:14 - 2019-05-03 07:59 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2019-05-18 12:14 - 2019-05-03 07:59 - 000204288 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2019-05-18 12:14 - 2019-05-03 07:58 - 001708544 _____ (Microsoft Corporation) C:\Windows\system32\MSPhotography.dll
2019-05-18 12:14 - 2019-05-03 07:58 - 001361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll
2019-05-18 12:14 - 2019-05-03 07:58 - 000462336 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2019-05-18 12:14 - 2019-05-03 07:58 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe
2019-05-18 12:14 - 2019-05-03 07:57 - 001826816 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2019-05-18 12:14 - 2019-05-03 07:56 - 000773632 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2019-05-18 12:14 - 2019-05-03 07:55 - 003090432 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2019-05-18 12:14 - 2019-05-03 07:55 - 000659968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2019-05-18 12:14 - 2019-05-03 07:54 - 001097728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-05-18 12:14 - 2019-05-03 07:54 - 000845824 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2019-05-18 12:14 - 2019-05-03 07:54 - 000778752 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2019-05-18 12:14 - 2019-05-03 07:54 - 000667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll
2019-05-18 12:14 - 2019-05-03 07:53 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-05-18 12:14 - 2019-05-03 07:53 - 000186880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-05-18 12:14 - 2019-05-03 07:53 - 000184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-05-18 12:14 - 2019-05-03 07:53 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-05-18 12:14 - 2019-05-03 06:38 - 000001310 _____ C:\Windows\system32\tcbres.wim
2019-05-18 12:14 - 2019-04-23 09:13 - 001008640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MixedRealityCapture.dll
2019-05-18 12:14 - 2019-04-23 08:14 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-05-18 12:14 - 2019-04-19 12:54 - 000720200 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-05-18 12:14 - 2019-04-19 12:40 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2019-05-18 12:14 - 2019-04-19 12:38 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\RDSPnf.exe
2019-05-18 12:14 - 2019-04-19 12:38 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\perfproc.dll
2019-05-18 12:14 - 2019-04-19 12:34 - 000522240 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2019-05-18 12:14 - 2019-04-19 11:37 - 000607960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-05-18 12:14 - 2019-04-19 11:30 - 000036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfproc.dll
2019-05-18 12:14 - 2019-04-19 11:25 - 000423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2019-05-18 12:14 - 2019-04-19 07:07 - 000985400 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2019-05-18 12:14 - 2019-04-19 07:06 - 000798520 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2019-05-18 12:14 - 2019-04-19 07:06 - 000713264 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2019-05-18 12:14 - 2019-04-19 07:06 - 000436024 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-05-18 12:14 - 2019-04-19 07:06 - 000274232 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2019-05-18 12:14 - 2019-04-19 07:02 - 000831800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2019-05-18 12:14 - 2019-04-19 07:01 - 000581592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2019-05-18 12:14 - 2019-04-19 07:01 - 000576016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2019-05-18 12:14 - 2019-04-19 07:01 - 000380728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-05-18 12:14 - 2019-04-19 06:43 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\fcon.dll
2019-05-18 12:14 - 2019-04-19 06:41 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2019-05-18 12:14 - 2019-04-19 06:41 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\EduPrintProv.exe
2019-05-18 12:14 - 2019-04-19 06:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\system32\browserexport.exe
2019-05-18 12:14 - 2019-04-19 06:40 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\JpnServiceDS.dll
2019-05-18 12:14 - 2019-04-19 06:40 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enrollmentapi.dll
2019-05-18 12:14 - 2019-04-19 06:40 - 000167936 _____ (Microsoft Corporation) C:\Windows\system32\FilterDS.dll
2019-05-18 12:14 - 2019-04-19 06:40 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetDriverInstall.dll
2019-05-18 12:14 - 2019-04-19 06:39 - 000567296 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2019-05-18 12:14 - 2019-04-19 06:39 - 000425472 _____ (Microsoft Corporation) C:\Windows\system32\SDDS.dll
2019-05-18 12:14 - 2019-04-19 06:39 - 000374784 _____ (Microsoft Corporation) C:\Windows\system32\BingASDS.dll
2019-05-18 12:14 - 2019-04-19 06:39 - 000361472 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2019-05-18 12:14 - 2019-04-19 06:39 - 000204288 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2019-05-18 12:14 - 2019-04-19 06:38 - 000593408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2019-05-18 12:14 - 2019-04-19 06:38 - 000304128 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2019-05-18 12:14 - 2019-04-19 06:38 - 000300544 _____ (Microsoft Corporation) C:\Windows\system32\dmenterprisediagnostics.dll
2019-05-18 12:14 - 2019-04-19 06:38 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2019-05-18 12:14 - 2019-04-19 06:37 - 000445952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll
2019-05-18 12:14 - 2019-04-19 06:37 - 000397312 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2019-05-18 12:14 - 2019-04-19 06:37 - 000381952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2019-05-18 12:14 - 2019-04-19 06:37 - 000366080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2019-05-18 12:14 - 2019-04-19 06:37 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2019-05-18 12:14 - 2019-04-19 06:37 - 000118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2019-05-18 12:14 - 2019-04-19 06:36 - 001300992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2019-05-18 12:14 - 2019-04-19 06:36 - 000827392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2019-05-18 12:14 - 2019-04-19 06:36 - 000814592 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2019-05-18 12:14 - 2019-04-19 06:36 - 000546816 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2019-05-18 12:14 - 2019-04-19 06:36 - 000357888 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2019-05-18 12:14 - 2019-04-19 06:36 - 000186368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2019-05-18 12:14 - 2019-04-19 06:35 - 001938944 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2019-05-18 12:14 - 2019-04-19 06:35 - 001458688 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2019-05-18 12:14 - 2019-04-19 06:35 - 000784896 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2019-05-18 12:14 - 2019-04-19 06:35 - 000607232 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-05-18 12:14 - 2019-04-19 06:35 - 000535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2019-05-18 12:14 - 2019-04-19 06:35 - 000523776 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2019-05-18 12:14 - 2019-04-19 06:35 - 000312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapibase.dll
2019-05-18 12:14 - 2019-04-19 06:34 - 000935936 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2019-05-18 12:14 - 2019-04-19 06:34 - 000899584 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-05-18 12:14 - 2019-04-19 06:34 - 000885760 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2019-05-18 12:14 - 2019-04-19 06:34 - 000778240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-05-18 12:14 - 2019-04-19 06:34 - 000653312 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2019-05-18 12:14 - 2019-04-19 05:18 - 000806360 _____ C:\Windows\SysWOW64\locale.nls
2019-05-18 12:14 - 2019-04-19 05:18 - 000806360 _____ C:\Windows\system32\locale.nls
2019-05-18 12:14 - 2019-04-09 03:48 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-05-18 12:14 - 2019-04-09 03:48 - 000376320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2019-05-18 12:14 - 2019-04-09 03:48 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-05-18 12:14 - 2019-04-09 03:48 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-05-18 12:14 - 2019-04-09 03:48 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-05-18 12:08 - 2019-05-18 12:08 - 000134156 _____ C:\Users\mrmar\Downloads\np0912.pdf
2019-05-18 12:01 - 2018-09-18 22:29 - 039861904 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 038903984 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 034823848 _____ (Intel Corporation) C:\Windows\SysWOW64\igd11dxva32.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 013062664 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 005136360 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 004268616 _____ (Intel Corporation) C:\Windows\system32\igd12umd64.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 004240096 _____ (Intel Corporation) C:\Windows\SysWOW64\igd12umd32.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 002393248 _____ (Intel Corporation) C:\Windows\system32\igdmd64.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 001858720 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmd32.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 001816808 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 001814152 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 000312184 _____ (Intel Corporation) C:\Windows\system32\igd10idpp64.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 000297048 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10idpp32.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 000242168 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 000222816 _____ (Intel Corporation) C:\Windows\system32\igdde64.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 000205368 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 000184072 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 000182968 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 000181912 _____ (Intel Corporation) C:\Windows\SysWOW64\igdde32.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 000160280 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 000160280 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2019-05-18 12:01 - 2018-09-18 22:29 - 000055256 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2019-05-18 12:01 - 2018-09-18 22:28 - 015478376 _____ (Intel Corporation) C:\Windows\system32\igc64.dll
2019-05-18 12:01 - 2018-09-18 22:28 - 013483080 _____ (Intel Corporation) C:\Windows\SysWOW64\igc32.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 013650520 _____ (Intel Corporation) C:\Windows\system32\ig8icd64.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 010328976 _____ (Intel Corporation) C:\Windows\SysWOW64\ig8icd32.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 005683728 _____ (Intel Corporation) C:\Windows\system32\igdmcl64.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 005262736 _____ (Intel Corporation) C:\Windows\system32\GfxResources.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 004931088 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 004368992 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 003972192 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmcl32.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 001590800 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 001178744 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 001020968 _____ C:\Windows\system32\igfxSDK.exe
2019-05-18 12:01 - 2018-09-18 19:29 - 000964960 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe
2019-05-18 12:01 - 2018-09-18 19:29 - 000961376 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe
2019-05-18 12:01 - 2018-09-18 19:29 - 000705104 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000463712 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2019-05-18 12:01 - 2018-09-18 19:29 - 000445912 _____ (Intel Corporation) C:\Windows\system32\IntelCpHDCPSvc.exe
2019-05-18 12:01 - 2018-09-18 19:29 - 000438904 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000416272 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000398808 _____ C:\Windows\system32\igfxTray.exe
2019-05-18 12:01 - 2018-09-18 19:29 - 000393184 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2019-05-18 12:01 - 2018-09-18 19:29 - 000389752 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000388696 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000318480 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000273424 _____ C:\Windows\system32\igfxCPL.cpl
2019-05-18 12:01 - 2018-09-18 19:29 - 000266256 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000255072 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000233440 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2019-05-18 12:01 - 2018-09-18 19:29 - 000229216 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2019-05-18 12:01 - 2018-09-18 19:29 - 000228704 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe
2019-05-18 12:01 - 2018-09-18 19:29 - 000225296 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000193112 _____ (Intel Corporation) C:\Windows\system32\igdail64.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000173656 _____ (Intel Corporation) C:\Windows\SysWOW64\igdail32.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000111712 _____ ( ) C:\Windows\system32\igfxSDKLibv2_0.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000104024 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000103440 _____ C:\Windows\system32\igfxCUIServicePS.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000100880 _____ ( ) C:\Windows\system32\igfxSDKLib.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000099920 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000095328 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000085008 _____ ( ) C:\Windows\system32\igfxDHLib.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000052752 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000029280 _____ ( ) C:\Windows\system32\igfxDILib.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000029200 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000027744 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000027664 _____ ( ) C:\Windows\system32\igfxEMLib.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000022648 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll
2019-05-18 12:01 - 2018-09-18 19:29 - 000022648 _____ ( ) C:\Windows\system32\igfxLHMLib.dll
2019-05-18 12:01 - 2018-09-18 19:28 - 029101456 _____ (Intel Corporation) C:\Windows\system32\common_clang64.dll
2019-05-18 12:01 - 2018-09-18 19:28 - 019861392 _____ (Intel Corporation) C:\Windows\SysWOW64\common_clang32.dll
2019-05-18 12:01 - 2018-09-18 19:28 - 000172384 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2019-05-18 12:01 - 2018-09-18 19:17 - 000830871 _____ C:\Windows\system32\DisplayAudiox64.cab
2019-05-18 12:01 - 2018-09-18 19:17 - 000004846 _____ C:\Windows\system32\iglhxs64.vp
2019-05-13 21:28 - 2019-05-13 21:32 - 000509980 _____ C:\Users\mrmar\Documents\ff - HVP plně odemčená sazbotvorba .pdf
2019-05-13 20:49 - 2019-05-13 20:49 - 000156450 _____ C:\Users\mrmar\Downloads\saz0753upr03-19.pdf
2019-05-13 20:46 - 2019-06-05 13:52 - 000760983 _____ C:\Users\mrmar\Downloads\ff - HVP plně odemčená sazbotvorba .xlsm
2019-05-11 11:33 - 2019-05-11 11:35 - 000000000 ____D C:\Program Files (x86)\DevID Agent
2019-05-11 11:33 - 2019-05-11 11:33 - 000001114 _____ C:\Users\mrmar\Desktop\DevID Agent.lnk
2019-05-11 11:33 - 2019-05-11 11:33 - 000000000 ____D C:\Users\mrmar\AppData\Roaming\Microsoft\Windows\Start Menu\DevID
2019-05-11 10:50 - 2019-06-05 12:05 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-05-11 10:50 - 2019-05-11 10:50 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
2019-05-08 16:29 - 2019-05-08 16:29 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2019.lnk
2019-05-08 16:29 - 2019-05-08 16:29 - 000000000 ____D C:\Users\mrmar\Documents\Adobe
2019-05-08 16:24 - 2019-05-08 16:28 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-05-08 16:24 - 2019-05-08 16:24 - 000000000 ____D C:\Program Files\Adobe
2019-05-08 16:21 - 2019-05-08 17:38 - 000000000 ____D C:\Hovinko
2019-05-08 16:16 - 2019-05-08 16:16 - 000000928 _____ C:\Users\Public\Desktop\Unity 2018.3.4f1 (64-bit).lnk
2019-05-08 16:15 - 2019-05-08 16:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2018.3.4f1 (64-bit)
2019-05-08 16:05 - 2019-05-08 16:05 - 000795784 _____ C:\Users\mrmar\Downloads\UnityDownloadAssistant-2018.3.4f1.exe
2019-05-08 16:02 - 2019-05-08 16:07 - 000000000 ____D C:\Users\mrmar\AppData\Roaming\UnityHub
2019-05-08 16:02 - 2019-05-08 16:02 - 000000000 ____D C:\Users\mrmar\AppData\Roaming\Unity Hub
2019-05-08 12:39 - 2019-05-08 12:39 - 000029609 _____ C:\Users\mrmar\Downloads\Seznam Flotila Dubay - Direct + HVP + A4F.xlsx
2019-05-08 12:25 - 2019-05-08 12:25 - 000145565 _____ C:\Users\mrmar\Downloads\Čísla ENC aktualizováno 15.1.2019 - (Denča) (1).xlsx
2019-05-08 12:23 - 2019-05-08 12:23 - 004148124 _____ C:\Users\mrmar\Downloads\HVP tegze (2).pdf
2019-05-08 11:52 - 2019-05-08 11:52 - 004148124 _____ C:\Users\mrmar\Downloads\HVP tegze (1).pdf
2019-05-08 11:25 - 2019-05-08 11:25 - 004148124 _____ C:\Users\mrmar\Downloads\HVP tegze.pdf
2019-05-08 11:21 - 2019-05-08 11:37 - 000002432 _____ C:\Users\mrmar\Desktop\Martin - Chrome.lnk
2019-05-08 10:44 - 2019-05-08 10:44 - 000666425 _____ C:\Users\mrmar\Downloads\Zaměstnanecký program.zip
2019-05-08 10:44 - 2019-05-08 10:44 - 000000000 ____D C:\Users\mrmar\Downloads\Zaměstnanecký program

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-05 14:22 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-05 14:17 - 2018-08-26 13:11 - 000000000 ____D C:\Users\mrmar\AppData\Roaming\DMCache
2019-06-05 14:14 - 2018-04-12 01:38 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-06-05 13:56 - 2018-08-26 12:56 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-06-05 13:52 - 2018-08-26 12:56 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-06-05 12:10 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-05 12:10 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\AppReadiness
2019-06-05 12:09 - 2018-08-26 13:06 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-05 12:09 - 2018-08-26 13:06 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-05 12:08 - 2019-04-01 10:58 - 000000000 ___RD C:\Users\mrmar\Disk Google
2019-06-05 12:05 - 2018-08-26 13:08 - 000000000 __SHD C:\Users\mrmar\IntelGraphicsProfiles
2019-06-03 20:07 - 2018-08-27 17:04 - 000000000 ____D C:\Users\mrmar\AppData\Roaming\vlc
2019-06-03 20:03 - 2019-04-10 16:46 - 000000000 ____D C:\Users\mrmar\Downloads\Video
2019-06-03 14:15 - 2018-09-02 13:26 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-06-03 14:02 - 2018-10-31 11:49 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2019-06-03 13:52 - 2018-04-12 01:36 - 000000000 ____D C:\Windows\INF
2019-06-03 13:51 - 2018-09-02 13:25 - 000000000 ____D C:\ProgramData\Adobe
2019-06-03 13:44 - 2018-08-26 13:01 - 001689050 _____ C:\Windows\system32\PerfStringBackup.INI
2019-06-03 13:44 - 2018-04-12 17:51 - 000716276 _____ C:\Windows\system32\perfh005.dat
2019-06-03 13:44 - 2018-04-12 17:51 - 000144534 _____ C:\Windows\system32\perfc005.dat
2019-06-03 13:38 - 2018-08-28 21:19 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-06-03 13:38 - 2018-08-26 13:09 - 000003700 _____ C:\Windows\System32\Tasks\Lenovo Power Management Driver PnP Task
2019-06-03 13:38 - 2018-08-26 12:56 - 000411312 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-03 13:38 - 2018-08-26 12:56 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-03 13:30 - 2018-08-26 13:10 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-06-03 13:30 - 2018-04-11 23:04 - 000786432 _____ C:\Windows\system32\config\BBI
2019-06-01 18:23 - 2019-04-01 12:55 - 000000000 ____D C:\Users\mrmar\Downloads\Compressed
2019-06-01 18:20 - 2018-08-26 13:03 - 000000000 ____D C:\Users\mrmar\AppData\Local\Packages
2019-05-31 17:39 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\NDF
2019-05-31 15:45 - 2019-03-23 13:16 - 000000000 ____D C:\Users\mrmar\Desktop\HVP
2019-05-31 14:24 - 2018-11-08 15:29 - 000000000 ____D C:\Users\mrmar\AppData\Local\LenovoServiceBridge
2019-05-30 10:19 - 2018-08-28 21:19 - 000000000 ____D C:\Users\mrmar\AppData\Roaming\TeamViewer
2019-05-30 10:09 - 2018-08-26 13:00 - 000000000 ____D C:\Users\mrmar
2019-05-27 20:22 - 2018-08-26 19:28 - 000000000 ____D C:\Program Files\Microsoft Office
2019-05-26 23:46 - 2018-08-27 19:23 - 000002361 _____ C:\Users\mrmar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-26 23:46 - 2018-08-26 13:07 - 000003374 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3611739075-2051146931-771507770-1001
2019-05-26 23:46 - 2018-08-26 13:05 - 000000000 ___RD C:\Users\mrmar\OneDrive
2019-05-25 18:04 - 2018-08-26 13:11 - 000000000 ____D C:\Users\mrmar\AppData\Roaming\IDM
2019-05-25 18:03 - 2018-08-26 13:11 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2019-05-18 17:37 - 2018-09-02 13:26 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-18 17:22 - 2018-09-02 10:14 - 000016902 _____ C:\Windows\system32\results.xml
2019-05-18 17:19 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2019-05-18 17:19 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\TextInput
2019-05-18 17:19 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\ShellExperiences
2019-05-18 17:19 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-05-18 17:19 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\bcastdvr
2019-05-18 12:21 - 2018-04-12 01:30 - 000000000 ____D C:\Windows\CbsTemp
2019-05-18 12:14 - 2018-08-27 18:25 - 000000000 ____D C:\Windows\system32\MRT
2019-05-18 12:10 - 2018-08-27 18:24 - 132445408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-05-18 12:08 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-05-18 12:04 - 2018-08-26 13:08 - 000000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2019-05-18 12:02 - 2018-08-26 13:08 - 000000000 ____D C:\Intel
2019-05-18 11:58 - 2018-11-16 18:17 - 000000000 ____D C:\Program Files\rempl
2019-05-18 11:53 - 2018-08-26 13:06 - 000003472 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-18 11:53 - 2018-08-26 13:06 - 000003348 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-11 10:50 - 2018-08-26 13:08 - 000000000 ____D C:\Program Files (x86)\Intel
2019-05-08 17:37 - 2018-11-28 20:08 - 000000877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2019-05-08 17:37 - 2018-11-28 20:08 - 000000865 _____ C:\Users\Public\Desktop\Notepad++.lnk
2019-05-08 17:37 - 2018-11-28 20:08 - 000000000 ____D C:\Users\mrmar\AppData\Roaming\Notepad++
2019-05-08 17:37 - 2018-11-28 20:08 - 000000000 ____D C:\Program Files\Notepad++
2019-05-08 16:30 - 2018-08-26 13:03 - 000000000 ____D C:\Users\mrmar\AppData\Roaming\Adobe
2019-05-08 16:24 - 2018-09-02 13:26 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-05-08 16:24 - 2018-08-26 13:11 - 000000000 ____D C:\ProgramData\Package Cache
2019-05-07 19:10 - 2018-10-09 20:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer
2019-05-06 20:25 - 2018-09-24 09:50 - 000000000 ____D C:\Users\mrmar\AppData\Local\CrashDumps

==================== Files in the root of some directories =======

2018-10-31 11:47 - 2018-10-31 11:47 - 000000410 _____ () C:\Users\mrmar\AppData\Local\oobelibMkey.log

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

==========================
Lenovo E550

Martinor
Level 2.5
Posts: 398
Registered: November 06
Location: Brno
Gender: Male

Re: Log check - Adware chrome

Post by Martinor » 05 Jun 2019 14:30

FRST Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-06-2019
Ran by mrmar (05-06-2019 14:24:59)
Running from C:\Users\mrmar\Downloads\Programs
Windows 10 Pro Version 1803 17134.765 (X64) (2018-08-26 10:58:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3611739075-2051146931-771507770-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3611739075-2051146931-771507770-503 - Limited - Disabled)
Guest (S-1-5-21-3611739075-2051146931-771507770-501 - Limited - Disabled)
mrmar (S-1-5-21-3611739075-2051146931-771507770-1001 - Administrator - Enabled) => C:\Users\mrmar
WDAGUtilityAccount (S-1-5-21-3611739075-2051146931-771507770-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_2) (Version: 20.0.2 - Adobe Systems Incorporated)
AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2080, 07.07.2018 - AIMP DevTeam)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.)
Backup and Sync from Google (HKLM\...\{F9EEDE46-6409-4ECC-8AB6-7062464987A4}) (Version: 3.43.4275.9540 - Google, Inc.)
Balíček ovladače systému Windows - Silicon Laboratories (silabenm) Ports (03/19/2014 6.7.0.0) (HKLM\...\B97004A400E30DCF940971EFA7A0C13C6B0A4B66) (Version: 03/19/2014 6.7.0.0 - Silicon Laboratories)
Balíček ovladačů pro úsporný režim (HKLM-x32\...\Samsung Eco Driver Pack) (Version: 2.01.10.00 (28.05.2015) - Samsung Electronics Co., Ltd.)
Call of Duty 4 - Modern Warfare verze 1.7 (HKLM-x32\...\{826D7727-6105-4C5D-A049-E4BADBC8BAAB}_is1) (Version: 1.7 - tomi2k9)
Catalyst Control Center Next Localization BR (HKLM\...\{CCE76752-1A82-EF43-4B55-6C5154F0112E}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{9C4FCC2E-4E4F-5CDF-1A60-336B5A7E49CB}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{2A1637CE-9314-EA72-0F2C-E6E8CC805B7B}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A71A7061-5728-3DA3-D58C-CDAFA87AD725}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{EA137731-99F1-E42D-6D5C-49F16BF5F868}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{2CFF01A0-C485-8455-B331-0A6B8756E232}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A79098E5-9593-F299-470E-571B9F255A48}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{5D8C735C-C28F-E8EF-80B2-96EAF42F401A}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{B8255085-FBE7-7C3F-3397-23DC07C21297}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5A5539B0-B4EE-3A5E-29F9-63EDF84A79E2}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{EEF7A56C-6AD1-3176-83D7-9C4AC45A447C}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{3A3B6A80-249F-7651-CD12-23FD2E7C1932}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{29612BF6-6D8A-4CE8-12AC-777144642135}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{739859D8-9A12-6540-9B25-EDF09B43C845}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{144FC26D-3A27-2608-5C4C-DF59A2A3ACD1}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{B40D1236-0751-4C78-2E4C-A865235BAF52}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{F2F82D32-807F-1214-CB1F-B734B4E26398}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{29306290-76E1-BF93-BD39-C548495CC4E4}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{3AE6129D-AEE2-6A23-A335-1804470CE6EA}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{91E744CE-5472-1E15-0E89-69187A437656}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{6220990C-8452-DB19-A2A8-8F2B81057151}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
cwbin64a (HKLM\...\{B84E3B73-8A6D-434A-B656-327A560BDE24}) (Version: 05.04.0000 - IBM) Hidden
DevID Agent (HKLM-x32\...\DevID_Agent) (Version: 4,48 - DevID)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Exodus (HKU\S-1-5-21-3611739075-2051146931-771507770-1001\...\exodus) (Version: 19.4.26 - Exodus Movement Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.80 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
GoPro Quik (HKLM\...\{AA5F7FCE-311C-46D8-B93A-ABF4DDCAB832}) (Version: 0.1.945 - GoPro, Inc.) Hidden
GoPro Quik (HKLM-x32\...\{a23df978-67ca-4fe3-a740-a7b5ae7ec82f}) (Version: 2.7.0.945 - GoPro, Inc.)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
HP Color LaserJet Pro MFP M477 (HKLM-x32\...\{15758d59-89d2-4595-b92f-0145a142f8f7}) (Version: 16.0.17171.700 - Hewlett-Packard)
HP Dropbox Plugin (HKLM-x32\...\{19EDEC5D-055E-4AD0-88AC-C342608FC47E}) (Version: 36.0.445.57508 - HP)
HP Google Drive Plugin (HKLM-x32\...\{1B225296-B1F1-40B3-8427-844E97CB2D1B}) (Version: 36.0.445.57508 - HP)
HPCLJProMFPM477 (HKLM-x32\...\{9F4A8FAA-994E-4623-AB4C-D00F51DA189D}) (Version: 0.05.0000 - Hewlett-Packard) Hidden
IBM iSeries Access for Windows (HKLM-x32\...\ClientAccessExpress) (Version: - )
IBM iSeries Access for Windows SI37892 (HKLM-x32\...\ClientAccessExpressSP) (Version: - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5058 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{b23c55fa-5271-4d64-ba8f-6718be55b9a7}) (Version: 10.1.1.33 - Intel(R) Corporation) Hidden
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Lenovo Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.82.00.20 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-3611739075-2051146931-771507770-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.7 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0078 - Lenovo)
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.11629.20196 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.11629.20196 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3611739075-2051146931-771507770-1001\...\OneDriveSetup.exe) (Version: 19.086.0502.0005 - Microsoft Corporation)
Microsoft Project Professional 2016 - cs-cz (HKLM\...\ProjectProRetail - cs-cz) (Version: 16.0.11629.20196 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.11629.20196 - Microsoft Corporation)
Microsoft Visio Professional 2016 - cs-cz (HKLM\...\VisioProRetail - cs-cz) (Version: 16.0.11629.20196 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.11629.20196 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.17.1289.727 - Microsoft Corporation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.6.6 - Notepad++ Team)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20196 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20196 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11629.20196 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11629.20196 - Microsoft Corporation) Hidden
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1930.429 - Trusteer)
OpenVPN 2.4.5 (HKLM\...\OpenVPN) (Version: 2.4.5 - LinuxBox.cz)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.0.277 - Jan Fiala)
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
PX Profile Update (HKLM-x32\...\{45B33743-2770-5555-71B0-3D96AD15536E}) (Version: 1.00.1. - AMD) Hidden
RAPID Mode (HKLM\...\{AE75272A-6421-4A65-80F8-31568BCF6E75}) (Version: 1.0.0.101 - Samsung Electronics Co., Ltd.) Hidden
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1930.429 - Trusteer) Hidden
Razer Chroma SDK (HKLM-x32\...\Razer Chroma SDK) (Version: 2.17.2 - Razer Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21290 - Realtek Semiconductor Corp.)
Samsung Easy Color Manager (HKLM-x32\...\Samsung Easy Color Manager) (Version: 4.00.14.00 (05.11.2015) - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 2.02.53 (30.05.2018) - HP Printing Korea Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 2.00.01.24 - HP Printing Korea Co., Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.70.18.0 - Samsung Electronics Co., Ltd.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.2.1.1780 - Samsung Electronics)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.28 - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.32 - Samsung Electronics Co., Ltd.) Hidden
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 3.31.81.01:10 - Samsung Electronics Co., Ltd.)
Serviio (HKLM\...\Serviio) (Version: 1.10.1 - Six Lines Ltd)
Skype verze 8.28 (HKLM-x32\...\Skype_is1) (Version: 8.28 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd) Hidden
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.2.8352 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.67 - Samsung Electronics CO., LTD.)
Unity (HKLM-x32\...\Unity) (Version: 2018.3.4f1 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
Visual Studio Community 2017 (HKLM-x32\...\8c765e16) (Version: 15.8.28010.2003 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
vs_communitymsi (HKLM-x32\...\{4C60D242-B039-4DBB-A202-BE55478E8500}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{226CCDB6-96F9-4DE6-9CCC-DB49D0A0A971}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{DC4F558F-90E2-4B9C-8A2B-5DD92EF71F84}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{31312BFA-5D30-4B56-BACB-BFE26CE2E285}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{8EB2C670-04C2-482D-BACD-B4095E27FD39}) (Version: 15.6.27309 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{082DBA20-8C1E-4D4C-85F4-A813283B7849}) (Version: 15.8.28010 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{B8B65A93-F72B-42C2-AE1A-FF440B44BB67}) (Version: 15.0.26621 - Microsoft Corporation) Hidden

Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.520.0_x64__rz1tebttyb220 [2019-03-13] (Dolby Laboratories)
IDM Integration Module -> C:\Program Files\WindowsApps\TonecInc.IDMIntegrationModule_6.30.6.0_neutral__e7b5mm5d3r6v2 [2018-08-26] (Tonec Inc.)
Kodi -> C:\Program Files\WindowsApps\XBMCFoundation.Kodi_18.2.500.0_x64__4n2hpmxwrvr6p [2019-04-30] (XBMC Foundation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.30.10924.0_x64__8wekyb3d8bbwe [2019-04-04] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.3.4032.0_x86__8wekyb3d8bbwe [2019-04-15] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.375.0_x64__mcm4njqhnhss8 [2019-02-22] (Netflix, Inc.)
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2018-09-02] (Samsung Electronics Co. Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3611739075-2051146931-771507770-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2019-05-02] (Tonec Inc. -> Tonec Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-08-27] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-11-13] (Notepad++ -> )
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-04-09] (Google LLC -> Google)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-08-27] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-04-09] (Google LLC -> Google)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-12-27] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2018-09-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers1_S-1-5-21-3611739075-2051146931-771507770-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\mrmar\Desktop\Rayman.bat – zástupce.lnk -> C:\Users\mrmar\Downloads\Compressed\rayman12eu_dos_win\Rayman1.2\Rayman.bat (No File)

ShortcutWithArgument: C:\Users\mrmar\Desktop\Martin - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\mrmar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Kamil - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"

==================== Loaded Modules (Whitelisted) ==============

2019-02-18 20:55 - 2019-02-18 20:55 - 000048128 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\cs_cz\PDFMaker\PDFMOutlookAddin.CZE
2015-06-02 15:51 - 2015-06-02 15:51 - 000545792 _____ () [File not signed] C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2018-08-09 15:29 - 2018-08-09 15:29 - 000676992 _____ () [File not signed] C:\Program Files\OpenVPN\bin\openvpn-gui.exe
2018-12-05 03:12 - 2018-12-05 03:12 - 000413696 _____ () [File not signed] C:\Program Files\Serviio\bin\ServiioService.exe
2018-05-17 10:07 - 2018-05-17 10:07 - 000087552 _____ () [File not signed] C:\Windows\system32\SSDEVM64.DLL
2019-02-18 20:55 - 2019-02-18 20:55 - 000055296 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\cs_cz\Adobe Send\SendAsLinkAddin.CZE
2017-12-27 05:54 - 2017-12-27 05:54 - 000851456 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiacm64.dll
2017-12-27 05:55 - 2017-12-27 05:55 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiamcsy.dll
2019-04-03 23:55 - 2019-04-03 23:55 - 003441664 _____ (Don HO don.h@free.fr) [File not signed] C:\Program Files\Notepad++\notepad++.exe
2019-03-06 04:16 - 2019-03-06 04:16 - 000113152 _____ (Don HO don.h@free.fr) [File not signed] C:\Program Files\Notepad++\plugins\mimeTools\mimeTools.dll
2009-09-16 19:44 - 2009-09-16 19:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hptcpmib.dll
2009-09-16 19:45 - 2009-09-16 19:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\HpTcpMon.dll
2009-09-16 12:44 - 2009-09-16 12:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hpzjrd01.dll
2009-09-16 19:45 - 2009-09-16 19:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\HPTcpMUI.dll
2018-08-26 19:28 - 2018-08-26 19:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2018-08-26 19:28 - 2018-08-26 19:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2019-06-03 14:02 - 000004625 _____ C:\Windows\system32\drivers\etc\hosts



==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\GtkSharp\2.12\bin;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Program Files\PuTTY\;C:\PROGRA~2\IBM\CLIENT~1;C:\PROGRA~2\IBM\CLIENT~1\Shared;C:\PROGRA~2\IBM\CLIENT~1\Emulator;
HKU\S-1-5-21-3611739075-2051146931-771507770-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-3611739075-2051146931-771507770-1001\...\StartupApproved\StartupFolder: => "Lingea Update Center.lnk"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{873AD111-02D1-439D-92FB-A72170C0F8A9}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B620B035-0D50-4EAC-A99E-A3EBCD498B99}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{D4D7146C-B0B3-4B86-84D6-2F64D1338A4F}C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe No File
FirewallRules: [UDP Query User{7C3FB012-56E5-4E30-A7ED-21B190EB9E89}C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe No File
FirewallRules: [TCP Query User{3490C4A8-B398-472C-A69C-DC75E1CD56BF}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [UDP Query User{0A366A7C-F57E-4542-88BD-52F3914BE9B8}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [{9D4FC888-FDA8-4817-BEDC-A7A611B627E9}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{BBD482AE-6585-4E35-9871-2FF2604BFC37}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{F49F621B-DA85-4CB8-A412-44D360C96998}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe (HP Inc. -> )
FirewallRules: [{58B9FBD9-1A02-47D8-86B0-EF12BAAC8E91}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (HP Inc. -> HP Printing Korea Co., Ltd.)
FirewallRules: [{A8AFCD1E-CB21-4F66-AB57-1CD9EF7E70AA}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe (HP Inc. -> HP Printing Korea Co., Ltd.)
FirewallRules: [{849F8CC7-B823-4547-868C-7276F9E91448}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe (HP Inc. -> )
FirewallRules: [{02B30D7A-43CB-4F6A-9C40-299B162DF8F2}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{A4E585ED-1179-4DC8-A1E5-00BBA3A97CAD}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe (HP Inc. -> )
FirewallRules: [{EC18F5D8-6220-4392-8A64-0C1932070335}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe (HP Inc. -> )
FirewallRules: [{22986DE2-C8E6-47B0-B232-DEA87BF52BC2}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (HP Inc. -> )
FirewallRules: [{3FC9DEBF-673C-437F-88E6-D6D9D3226C8F}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (HP Inc. -> )
FirewallRules: [{7A993EE8-3FD8-4113-9464-462B097F4C81}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{46813B59-BC0B-47F8-91C3-1338331CA7DA}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{0290D131-66F7-4B0C-B192-057C229341F7}] => (Allow) C:\Program Files (x86)\Samsung Easy Color Manager\Samsung Easy Color Manager.exe (Samsung Electronics CO., LTD. -> Samsung)
FirewallRules: [TCP Query User{4C3A7515-6336-4078-89D7-56E2519917D9}C:\programdata\sony mobile\update engine\{0d4c939f-ca39-49bb-9949-3d1f83a2c749}\sony mobile update engine.exe] => (Allow) C:\programdata\sony mobile\update engine\{0d4c939f-ca39-49bb-9949-3d1f83a2c749}\sony mobile update engine.exe No File
FirewallRules: [UDP Query User{EF827B4F-6F71-4122-B389-C2FAB1817FEA}C:\programdata\sony mobile\update engine\{0d4c939f-ca39-49bb-9949-3d1f83a2c749}\sony mobile update engine.exe] => (Allow) C:\programdata\sony mobile\update engine\{0d4c939f-ca39-49bb-9949-3d1f83a2c749}\sony mobile update engine.exe No File
FirewallRules: [{B0D2328F-2D12-4ED7-8D4D-2436E739F82D}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe No File
FirewallRules: [{F243D72B-A342-4691-8C1F-623B164AAC0F}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe No File
FirewallRules: [{EF8B069A-7E9A-4799-858D-C17CFDA380B8}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe No File
FirewallRules: [{4E2B5E30-FCC4-44CD-BBFA-05B8FA9B5B84}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe No File
FirewallRules: [{8A1390E2-FB17-454F-884E-1A7A685BA586}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\syst\luc.exe No File
FirewallRules: [{02265B4F-339E-4720-B226-7D344E591896}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\syst\luc.exe No File
FirewallRules: [{E14EF38F-9262-40D2-9A91-95713A5894E8}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\syst\luc.exe No File
FirewallRules: [{D6693046-F634-44C8-9D14-985B77E5F1AA}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\syst\luc.exe No File
FirewallRules: [{1A605FC6-3B00-432A-8EBD-456E60844D29}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\LexWin.exe No File
FirewallRules: [{91A879E2-6E77-493E-807E-463B398B35C2}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\LexWin.exe No File
FirewallRules: [{DA087A88-C70C-4BC0-B3F8-853B07FAA106}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\LexWin.exe No File
FirewallRules: [{3409BC20-2D70-4FBC-96B2-3CDD5F77BE8C}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\LexWin.exe No File
FirewallRules: [{D4869629-4ACF-4139-A000-9C3193BB50DF}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\Lexicon.exe No File
FirewallRules: [{460E1AE8-8185-4BBC-95CE-98419462C175}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\Lexicon.exe No File
FirewallRules: [{5DEF61D2-68B8-4682-8CC8-753F9C21C0D0}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\Lexicon.exe No File
FirewallRules: [{50A48826-A0E5-4E9D-94CD-83C4192A64AC}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\Lexicon.exe No File
FirewallRules: [{469440CF-A210-42B4-BF6F-EBE45BF9F827}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\Setup.exe No File
FirewallRules: [{C1774007-E191-449F-AD8F-B42E3DC59596}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\Setup.exe No File
FirewallRules: [{F97C67E3-7BAD-4B65-9613-19D3153F1B6C}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\Setup.exe No File
FirewallRules: [{7748B54D-FB1C-447F-AE3A-D1A82F3793DF}] => (Allow) C:\Program Files (x86)\Lingea\Lexicon5\Setup.exe No File
FirewallRules: [TCP Query User{3A232EC6-93E1-4E67-85B6-FC8E4B47106F}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{1E5FCB6F-32A4-4E95-8686-68E2FD912BAD}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{451FAA71-012C-45CA-AAEA-8620033027FF}C:\program files (x86)\common files\scan process machine\imageeng.exe] => (Allow) C:\program files (x86)\common files\scan process machine\imageeng.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [UDP Query User{DFBC5B0A-BE7C-44E0-8963-729CC9EE06D7}C:\program files (x86)\common files\scan process machine\imageeng.exe] => (Allow) C:\program files (x86)\common files\scan process machine\imageeng.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [TCP Query User{06EB8EA0-CBFF-4C6E-B283-E46B18C962AE}C:\program files\common files\common desktop agent\cdasrv.exe] => (Block) C:\program files\common files\common desktop agent\cdasrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [UDP Query User{91D46341-5CD2-419F-838B-071F6A64091C}C:\program files\common files\common desktop agent\cdasrv.exe] => (Block) C:\program files\common files\common desktop agent\cdasrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{4D980459-1368-4537-BC2B-0107F2A4B55A}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe () [File not signed]
FirewallRules: [{17808EDE-E5FC-433A-86FA-A24CDAA63F3D}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe () [File not signed]
FirewallRules: [{C7144189-69C5-4F55-B841-BDB763814E8E}] => (Allow) C:\Program Files\Serviio\console\ServiioConsole.exe (Six Lines Ltd) [File not signed]
FirewallRules: [{F979F4B8-4E1D-4318-BE21-570EB1FB6A3E}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe (GoPro Media, Inc. -> )
FirewallRules: [{12A2E6D2-C871-4C00-9D4E-96D23123C76F}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe (GoPro Media, Inc. -> )
FirewallRules: [{A5869D4C-3384-488B-A683-38E6EF69C7BF}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe (GoPro Media, Inc. -> )
FirewallRules: [{98D102B7-A740-4AF8-9D17-5E2BD057311B}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe (GoPro Media, Inc. -> )
FirewallRules: [TCP Query User{801ADA38-4D8D-413B-8CE1-3DEDC67E5FDD}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{00F8E3EF-3EDA-4EA0-B1B0-02119814810B}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{0272BFBF-3EE0-40A2-B887-C8F8027A56D1}C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe No File
FirewallRules: [UDP Query User{59F6D10B-11A0-4BAC-9DCE-BC075DD4AB19}C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files (x86)\tp-link\tp-link plc utility\tpplc.exe No File
FirewallRules: [{DCF865DF-3E65-4014-90AB-03A7732E129A}] => (Allow) LPort=1688
FirewallRules: [{47EC36E9-598C-4B44-A1A5-BECC6B1AE200}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{CE59A1E8-29CB-4CA6-9CC4-6851E70C567C}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{CBEBDF77-C5B5-4981-962A-FF3B221CD53C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{1E568553-A0E0-476F-AB67-982E80FB34DD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{B5FAF719-2874-47F0-AF79-8A69186C8C57}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{413CC7AB-14B0-4903-BC7D-E95F5A7923DA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{CAF39ECB-A16C-44FE-8AFD-631D378F048D}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe No File
FirewallRules: [TCP Query User{BF9252D2-2386-49C6-8107-E6538B3B7874}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe No File
FirewallRules: [UDP Query User{AD532FB1-F980-4085-8972-157115F6BC2B}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe No File
FirewallRules: [{0E2C00DA-D80C-4563-9DF1-A8B9133C534E}] => (Allow) C:\Program Files\Unity\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [{03D0E675-958F-4558-A2BE-6F268775E871}] => (Block) C:\Program Files\Unity\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [{176CE030-3305-4F7D-89B1-EEAACD58C8AA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A9852750-5951-42B2-891B-57143366B792}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

25-05-2019 18:23:31 Naplánovaný kontrolní bod
02-06-2019 18:53:25 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/05/2019 01:52:51 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:

Error: (06/03/2019 01:53:55 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_fb42a1a930655896.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_42efd88044e1819c.manifest.

Error: (06/03/2019 01:52:49 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_fb42a1a930655896.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_42efd88044e1819c.manifest.

Error: (06/03/2019 01:52:47 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_fb42a1a930655896.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_42efd88044e1819c.manifest.

Error: (06/03/2019 01:52:26 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_fb42a1a930655896.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_42efd88044e1819c.manifest.

Error: (06/03/2019 01:52:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_fb42a1a930655896.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_42efd88044e1819c.manifest.

Error: (06/03/2019 01:52:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_fb42a1a930655896.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.765_none_42efd88044e1819c.manifest.

Error: (06/03/2019 01:48:37 PM) (Source: MsiInstaller) (EventID: 11305) (User: LENOVO-MARTIN)
Description: Produkt: Adobe Acrobat DC -- Chyba 1305.Chyba čtení ze souboru C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Multimedia Skins\Players\AudioPlayer.swf. Zkontrolujte, zda soubor existuje a zda je pro vás přístupný.


System errors:
=============
Error: (06/05/2019 01:56:53 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-MARTIN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LENOVO-MARTIN\mrmar (SID: S-1-5-21-3611739075-2051146931-771507770-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/05/2019 01:52:57 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-MARTIN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LENOVO-MARTIN\mrmar (SID: S-1-5-21-3611739075-2051146931-771507770-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/05/2019 12:06:35 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-MARTIN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LENOVO-MARTIN\mrmar (SID: S-1-5-21-3611739075-2051146931-771507770-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/05/2019 12:05:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/05/2019 12:05:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/05/2019 12:05:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/04/2019 04:05:44 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-MARTIN)
Description: Server {7160A13D-73DA-4CEA-95B9-37356478588A} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/04/2019 04:05:44 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-MARTIN)
Description: Server {7160A13D-73DA-4CEA-95B9-37356478588A} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2019-06-03 13:44:50.184
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_G:\adobe\Adobe Acrobat Pro 20035 x86x64 Final CZ+SK+HU 2018!\KEYGEN!.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: LENOVO-MARTIN\mrmar
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.293.2791.0, AS: 1.293.2791.0, NIS: 1.293.2791.0
Verze modulu: AM: 1.1.15900.4, NIS: 1.1.15900.4

Date: 2019-06-03 13:44:17.480
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_G:\adobe\Adobe Acrobat Pro 20035 x86x64 Final CZ+SK+HU 2018!\KEYGEN!.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: LENOVO-MARTIN\mrmar
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.293.2791.0, AS: 1.293.2791.0, NIS: 1.293.2791.0
Verze modulu: AM: 1.1.15900.4, NIS: 1.1.15900.4

Date: 2019-06-02 18:27:13.265
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {89BE2A41-033A-4858-BEAE-A45ED143BB0D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-06-01 18:35:15.526
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {91C74553-65DD-46DE-9124-97F21E35D4F5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-06-01 17:36:31.181
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {06874A7E-0AAD-4168-9766-F822196D6AD7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-04-25 09:52:36.825
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.291.2116.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15800.1
Kód chyby: 0x8024402c
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-02-28 19:22:02.728
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o obnovení položky z karantény.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:MSIL/AutoKMS
ID: 2147711767
Závažnost: Vysoké
Kategorie: Nástroj
Uživatel: LENOVO-MARTIN\mrmar
Kód chyby: 0x80508014
Popis chyby: Položku v karanténě nelze obnovit.
Verze podpisu: AV: 1.291.384.0, AS: 1.291.384.0
Verze modulu: 1.1.15800.1

Date: 2019-02-28 19:21:50.074
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o obnovení položky z karantény.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:MSIL/AutoKMS
ID: 2147711767
Závažnost: Vysoké
Kategorie: Nástroj
Uživatel: LENOVO-MARTIN\mrmar
Kód chyby: 0x80508014
Popis chyby: Položku v karanténě nelze obnovit.
Verze podpisu: AV: 1.291.384.0, AS: 1.291.384.0
Verze modulu: 1.1.15800.1

Date: 2019-03-26 10:01:14.459
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.291.223.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15800.1
Kód chyby: 0x8024402c
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-03-24 12:10:46.045
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.291.137.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15800.1
Kód chyby: 0x8024402c
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2019-06-05 14:19:24.348
Description:
Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-06-05 14:19:24.272
Description:
Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-06-05 14:19:24.178
Description:
Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-06-05 14:19:24.117
Description:
Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-06-05 14:19:23.946
Description:
Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-06-05 14:19:23.851
Description:
Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-06-05 14:19:23.756
Description:
Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-06-05 14:19:23.638
Description:
Windows blocked file \Device\HarddiskVolume2\Windows\System32\scrobj.dll which has been disallowed for protected processes.

==================== Memory info ===========================

BIOS: LENOVO J5ET63WW (1.34 ) 09/26/2018
Motherboard: LENOVO 20DF004UMC
Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 62%
Total physical RAM: 7926.18 MB
Available physical RAM: 2982.33 MB
Total Virtual: 13302.18 MB
Available Virtual: 4256.17 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:857.94 GB) (Free:718.61 GB) NTFS

\\?\Volume{1c499feb-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 953.9 GB) (Disk ID: 1C499FEB)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=857.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
Lenovo E550

jaro3
Security team member
Guru Level 15
Posts: 39707
Registered: June 07
Location: Jižní Čechy
Gender: Male

Re: Log check - Adware chrome

Post by jaro3 » 05 Jun 2019 18:39

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator"),
click "Scan", and after the scan finishes click "Clean".

The program will perform the repair. After the automatic restart, click "Log file", then double-click the corresponding log (C:\AdwCleaner [C?].txt) and paste its entire contents here.

Download Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear and will be saved on the desktop.
Please copy its entire contents here.


- Run Malwarebytes' Anti-Malware again and choose "Scan Now".
- When the program finishes, a message will appear; click "Quarantine All (Remove Selected)", then "Export Log" and choose "Text file", give the file a name and save it somewhere. Copy the entire contents of that log here.

Sophos Virus Removal Tool is a practical software tool that may remove infections that the antivirus program does not detect.
Download it from one of these links:
http://www.majorgeeks.com/files/details ... _tool.html
http://www.majorgeeks.com/mg/get/sophos ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html

Viruses can slow down your computer or try to steal your data without you even knowing you have them. What you need is a quick and easy way to find them and get rid of them. If you already have an antivirus program installed on your computer, you can also install the Sophos Virus Removal Tool, which identifies and cleans up remaining infections that your antivirus program may have missed.
To use Sophos Virus Removal Tool, double-click it and press the "Start scanning" button. Sophos Virus Removal Tool will then search for viruses and remove those it finds. A restart may be required.
If viruses were found, click "Details…" after the scan and then "View log file". Copy the whole log and paste it here. Then close "threat detail" and click "Start cleanup".
Otherwise, the log is located here:
C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs

Download RogueKiller by Adlice Software
32bit.:
http://www.adlice.com/download/roguekil ... HlwZT14ODY
64bit.:
http://www.adlice.com/download/roguekil ... HlwZT14NjQ
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, 8, 10, run RogueKiller.exe as administrator; on XP, double-click it.
- Click "Start Scan". In the new window, change nothing and click "Start Scan" at the bottom.
- The program scans the PC's processes. After the scan, click "Open Report", then "Open TXT" in the window, and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and run, rename it to winlogon.exe.
- If the log has more than 60,000 characters, split it and paste it into several posts.

More links:
http://www.adlice.com/download/roguekiller/
http://www.bleepingcomputer.com/download/roguekiller/
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Martinor
Level 2.5
Posts: 398
Registered: November 06
Location: Brno
Gender: Male

Re: Log check - Adware chrome

Post by Martinor » 05 Jun 2019 20:50

OK, thanks. As I work through it now I'll post the results one at a time; there's a character limit anyway, so it can't be sent in a single post :)

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-05-2019
# Duration: 00:00:02
# OS: Windows 10 Pro
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted Pulse
Deleted Pulse

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1289 octets] - [05/06/2019 20:46:33]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Lenovo E550

Martinor
Level 2.5
Posts: 398
Registered: November 06
Location: Brno
Gender: Male

Re: Log check - Adware chrome

Post by Martinor » 05 Jun 2019 21:06

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by mrmar (Administrator) on 05.06.2019 at 20:52:46,29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 2

Successfully deleted: C:\Users\mrmar\AppData\Local\pdfforge (Folder)
Successfully deleted: C:\Windows\system32\Tasks\Lenovo Power Management Driver PnP Task (Task)



Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Free Download Manager (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.06.2019 at 20:58:11,77
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Lenovo E550

Martinor
Level 2.5
Posts: 398
Registered: November 06
Location: Brno
Gender: Male

Re: Log check - Adware chrome

Post by Martinor » 05 Jun 2019 21:22

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 05.06.19
Čas skenování: 21:18
Logovací soubor: a97a6b3c-87c6-11e9-8546-68f728cf0bc1.json

-Informace o softwaru-
Verze: 3.7.1.2839
Verze komponentů: 1.0.586
Aktualizovat verzi balíku komponent: 1.0.10914
Licence: Bezplatný

-Systémová informace-
OS: Windows 10 (Build 17134.765)
CPU: x64
Systém souborů: NTFS
Uživatel: LENOVO-MARTIN\mrmar

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 297410
Zjištěné hrozby: 63
Hrozby umístěné do karantény: 63
Uplynulý čas: 3 min, 53 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 1
PUP.Optional.MailRu, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\beliehdniadoecbonbhlcgbdldccfigp, V karanténě, [250], [678404],1.0.10914

Hodnota v registru: 2
PUP.Optional.MailRu, HKU\S-1-5-21-3611739075-2051146931-771507770-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|BELIEHDNIADOECBONBHLCGBDLDCCFIGP, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, HKU\S-1-5-21-3611739075-2051146931-771507770-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Profile 2\extensions.settings|BELIEHDNIADOECBONBHLCGBDLDCCFIGP, V karanténě, [250], [678404],1.0.10914

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 12
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_locales\en, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_locales\ru, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\img, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\icons, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_metadata, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_locales, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\USERS\MRMAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 2\Extensions\BELIEHDNIADOECBONBHLCGBDLDCCFIGP, V karanténě, [250], [678404],1.0.10914

Soubor: 48
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\img\loaded-empty.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources\currency-arrow-dark-up.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources\currency-arrow-light-down.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources\currency-arrow-light-up.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources\drag-arrows.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\assets\resources\search-cancel-button.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\add-128.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\add-16.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\add-32.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\add-48.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\added-128.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\added-16.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\added-32.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\added-48.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\disabled-128.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\disabled-16.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\disabled-32.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\browser-action\disabled-48.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\icons\icon-128.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\icons\icon-16.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\icons\icon-32.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\icons\icon-48.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\black-cross.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\spinner.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\trash.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\img\white-cross.png, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_locales\en\messages.json, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_locales\ru\messages.json, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\_metadata\verified_contents.json, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\page-script.js, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\app.bundle.css, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\app.bundle.js, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\background.bundle.css, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\background.bundle.js, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\background.html, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\context_mailru-plugin.js, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\manifest.json, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\page-script.css, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\prerender.js, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\vendors~app.bundle.css, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\vendors~app.bundle.js, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\vendors~app.bundle~background.bundle.css, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\vendors~app.bundle~background.bundle.js, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\vendors~background.bundle.js, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\Users\mrmar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beliehdniadoecbonbhlcgbdldccfigp\4.2.6_0\visual-bookmarks.html, V karanténě, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\USERS\MRMAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Nahrazen, [250], [678404],1.0.10914
PUP.Optional.MailRu, C:\USERS\MRMAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 2\Preferences, Nahrazen, [250], [678404],1.0.10914
Generic.Malware/Suspicious, C:\PROGRAMDATA\KMSAUTOS\BIN\TUNMIRROR2.EXE, V karanténě, [0], [392686],1.0.10914

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)
Lenovo E550

jaro3
Security team member
Guru Level 15
Posts: 39707
Registered: June 07
Location: Jižní Čechy
Gender: Male

Re: Log check - Chrome adware

Post by jaro3 » 05 Jun 2019 22:56

Now the next one as well.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

