Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01
Ran by kos (15-06-2018 07:37:14)
Running from C:\Users\kos\Desktop
Windows 10 Pro Version 1803 17134.112 (X64) (2018-05-10 11:28:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4158694343-2787186292-2830082996-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4158694343-2787186292-2830082996-503 - Limited - Disabled)
Guest (S-1-5-21-4158694343-2787186292-2830082996-501 - Limited - Disabled)
kos (S-1-5-21-4158694343-2787186292-2830082996-1001 - Administrator - Enabled) => C:\Users\kos
WDAGUtilityAccount (S-1-5-21-4158694343-2787186292-2830082996-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
A-PDF Split 2.7 (HKLM-x32\...\A-PDF Split_is1) (Version:  - A-PDF.com)
Box (HKLM\...\{9FEC3D65-1F58-4948-B61E-BC243D63D8E9}) (Version: 1.13.83 - Box, Inc.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.8.2523 - CDBurnerXP)
DraftSight 2018 SP1 x64 (HKLM\...\{46ED85CE-F89E-4629-B375-568D07074E75}) (Version: 18.1.0044 - Dassault Systemes)
Dropbox (HKLM-x32\...\Dropbox) (Version: 51.4.66 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.75.1 - Dropbox, Inc.) Hidden
E-CONFIG 3.4.34-CZ/CZ (HKLM-x32\...\E-CONFIG (CZ/CZ)_is1) (Version: 3.4.34 - Eaton Elektrotechnika s.r.o.)
eM Client (HKLM-x32\...\{E6153BA4-D898-4C8E-82CD-8BD3F5476984}) (Version: 7.1.32088.0 - eM Client Inc.)
FileOpen Client (x64) B928 (HKLM\...\{3ED9A79B-1419-4C5F-BA88-EFD6F180EBE5}) (Version: 3.0.95.928 - FileOpen Systems, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.87 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
ILLKO Studio (HKLM-x32\...\ILLKOStudio_is1) (Version: 1.20 - ILLKO, s.r.o.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
LibreOffice 6.0.4.2 (HKLM\...\{CBC4E8DF-CCBD-4260-A6A5-B682BA706DC4}) (Version: 6.0.4.2 - The Document Foundation)
Mailbird (HKLM\...\{4A08E93B-2008-48CE-B72A-01CA3010AC99}) (Version: 2.5.8 - Mailbird)
Manager (HKLM-x32\...\{6256D767-63FF-4772-8BA0-05D4922A91A1}) (Version: 4.1.12.37570 - SOBER LEMUR SAS DI VACONDIO ANDREA) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4158694343-2787186292-2830082996-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 (HKLM-x32\...\{35b83883-40fa-423c-ae73-2aff7e1ea820}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.8.0.6710 - Mozilla)
Mozilla Thunderbird 52.8.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 52.8.0 (x86 cs)) (Version: 52.8.0 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7841 - Realtek Semiconductor Corp.)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.10 - Ghisler Software GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4158694343-2787186292-2830082996-1001_Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InprocServer32 -> 0x4983960707FFD301D34D1C3E9503D401040000001800000000000000 => No File
CustomCLSID: HKU\S-1-5-21-4158694343-2787186292-2830082996-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll ()
ShellIconOverlayIdentifiers: [    BoxLocked] -> {1B927815-D431-48B1-A746-6FF91FB35431} => C:\Program Files\Box\Box\BoxShellExtShim-1.13.83.dll [2018-05-18] (Box, Inc.)
ShellIconOverlayIdentifiers: [    BoxLockedByOther] -> {73C8BC94-4A51-413B-B927-829449EAFA75} => C:\Program Files\Box\Box\BoxShellExtShim-1.13.83.dll [2018-05-18] (Box, Inc.)
ShellIconOverlayIdentifiers: [    BoxProblem] -> {8BBBCFB6-60E2-4C0F-BB31-10434068E2BE} => C:\Program Files\Box\Box\BoxShellExtShim-1.13.83.dll [2018-05-18] (Box, Inc.)
ShellIconOverlayIdentifiers: [    BoxSynced] -> {04B9BDFA-0C53-4F36-A77F-51F53E3EF3EC} => C:\Program Files\Box\Box\BoxShellExtShim-1.13.83.dll [2018-05-18] (Box, Inc.)
ShellIconOverlayIdentifiers: [    BoxSyncing] -> {2FFF193C-5891-4B26-B363-40D3B5257FE9} => C:\Program Files\Box\Box\BoxShellExtShim-1.13.83.dll [2018-05-18] (Box, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs6] -> {9806EE04-31E4-4256-B5B2-9DDED192029B} => C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-09-21] (/n software, Inc.)
ShellIconOverlayIdentifiers-x32: [    BoxLocked] -> {1B927815-D431-48B1-A746-6FF91FB35431} => C:\Program Files\Box\Box\BoxShellExtShim-1.13.83.dll [2018-05-18] (Box, Inc.)
ShellIconOverlayIdentifiers-x32: [    BoxLockedByOther] -> {73C8BC94-4A51-413B-B927-829449EAFA75} => C:\Program Files\Box\Box\BoxShellExtShim-1.13.83.dll [2018-05-18] (Box, Inc.)
ShellIconOverlayIdentifiers-x32: [    BoxProblem] -> {8BBBCFB6-60E2-4C0F-BB31-10434068E2BE} => C:\Program Files\Box\Box\BoxShellExtShim-1.13.83.dll [2018-05-18] (Box, Inc.)
ShellIconOverlayIdentifiers-x32: [    BoxSynced] -> {04B9BDFA-0C53-4F36-A77F-51F53E3EF3EC} => C:\Program Files\Box\Box\BoxShellExtShim-1.13.83.dll [2018-05-18] (Box, Inc.)
ShellIconOverlayIdentifiers-x32: [    BoxSyncing] -> {2FFF193C-5891-4B26-B363-40D3B5257FE9} => C:\Program Files\Box\Box\BoxShellExtShim-1.13.83.dll [2018-05-18] (Box, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32-x32-x32-x32: [EldosIconOverlay-cbfs6] -> {9806EE04-31E4-4256-B5B2-9DDED192029B} => C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-09-21] (/n software, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers1_S-1-5-21-4158694343-2787186292-2830082996-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {034560F0-564E-4E1F-AA84-50F003ECD4B9} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-03-19] (Dropbox, Inc.)
Task: {0C442F2B-1429-4BB3-8A9E-4D6DCD873AC7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-31] (Microsoft Corporation)
Task: {24F7F65C-9ABD-44E0-92A1-5A5C67493434} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-03-19] (Google Inc.)
Task: {4DF86CB1-D200-4188-9692-85E6690DD655} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {509D8396-5B74-4B41-B36C-3367B125168A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-31] (Microsoft Corporation)
Task: {50A5AD3B-830C-47A5-B4AF-9982EEC60008} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-03-19] (Google Inc.)
Task: {5B7D569C-C6C3-458C-AA7B-BC8407FDB6C7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-31] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {75D9E09B-9B13-45F0-AFD9-C16D74E648FE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {A2222ECB-449C-4BE4-BD89-94CDBA5581C0} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-03-19] (Dropbox, Inc.)
Task: {A7602A69-539E-46A8-9248-B0D5D124761A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-31] (Microsoft Corporation)
Task: {B500D610-3639-4446-BD47-400A5239036E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {F5CBC8A3-C517-40D2-B8FF-7B1A12B0F3E5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-03-17 12:19 - 2013-07-03 21:32 - 000936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-04-16 09:21 - 2014-11-02 18:45 - 000029184 _____ () C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2017-10-20 17:42 - 2017-10-20 17:42 - 000393200 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-06-13 05:49 - 2018-06-08 10:56 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-05-24 05:38 - 2018-05-24 05:38 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-05-24 05:38 - 2018-05-24 05:38 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-05-24 05:38 - 2018-05-24 05:38 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-05-24 05:38 - 2018-05-24 05:38 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
2018-06-01 07:29 - 2018-06-01 07:29 - 027118080 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-05-24 05:38 - 2018-05-24 05:38 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-05-24 05:38 - 2018-05-24 05:38 - 006748672 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-03-17 12:51 - 2018-03-17 12:52 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-24 05:38 - 2018-05-24 05:38 - 009358848 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-05-18 17:39 - 2018-05-18 17:39 - 000127696 _____ () C:\Program Files\Box\Box\_ctypes.pyd
2018-05-18 17:39 - 2018-05-18 17:39 - 001489104 _____ () C:\Program Files\Box\Box\_hashlib.pyd
2018-05-18 17:39 - 2018-05-18 17:39 - 000057552 _____ () C:\Program Files\Box\Box\_socket.pyd
2018-05-18 17:39 - 2018-05-18 17:39 - 002107600 _____ () C:\Program Files\Box\Box\_ssl.pyd
2018-03-13 23:51 - 2018-03-13 23:51 - 000137424 _____ () C:\Program Files\Box\Box\win32api.pyd
2018-03-13 23:51 - 2018-03-13 23:51 - 000146640 _____ () C:\Program Files\Box\Box\pywintypes27.dll
2018-03-13 23:51 - 2018-03-13 23:51 - 000557776 _____ () C:\Program Files\Box\Box\pythoncom27.dll
2018-03-13 23:51 - 2018-03-13 23:51 - 000029904 _____ () C:\Program Files\Box\Box\win32event.pyd
2018-05-18 17:39 - 2018-05-18 17:39 - 000010448 _____ () C:\Program Files\Box\Box\clr.pyd
2018-05-18 17:39 - 2018-05-18 17:39 - 000068304 _____ () C:\Program Files\Box\Box\psutil._psutil_windows.pyd
2018-05-18 17:39 - 2018-05-18 17:39 - 000034000 _____ () C:\Program Files\Box\Box\ujson.pyd
2018-05-18 17:39 - 2018-05-18 17:39 - 000018640 _____ () C:\Program Files\Box\Box\select.pyd
2018-05-18 17:39 - 2018-05-18 17:39 - 000699088 _____ () C:\Program Files\Box\Box\unicodedata.pyd
2018-03-13 23:51 - 2018-03-13 23:51 - 000529104 _____ () C:\Program Files\Box\Box\win32com.shell.shell.pyd
2018-03-13 23:51 - 2018-03-13 23:51 - 000156880 _____ () C:\Program Files\Box\Box\win32file.pyd
2018-05-18 17:39 - 2018-05-18 17:39 - 000070864 _____ () C:\Program Files\Box\Box\_sqlite3.pyd
2018-03-13 23:51 - 2018-03-13 23:51 - 000143056 _____ () C:\Program Files\Box\Box\win32security.pyd
2018-03-13 23:51 - 2018-03-13 23:51 - 000070352 _____ () C:\Program Files\Box\Box\win32evtlog.pyd
2018-03-13 23:51 - 2018-03-13 23:51 - 000034512 _____ () C:\Program Files\Box\Box\win32pipe.pyd
2018-05-18 17:39 - 2018-05-18 17:39 - 000032976 _____ () C:\Program Files\Box\Box\_yappi.pyd
2018-05-18 17:39 - 2018-05-18 17:39 - 000041680 _____ () C:\Program Files\Box\Box\_multiprocessing.pyd
2018-03-13 23:51 - 2018-03-13 23:51 - 000028368 _____ () C:\Program Files\Box\Box\win32clipboard.pyd
2018-03-13 23:51 - 2018-03-13 23:51 - 000230608 _____ () C:\Program Files\Box\Box\win32gui.pyd
2018-06-13 05:35 - 2018-06-12 07:36 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\libglesv2.dll
2018-06-13 05:35 - 2018-06-12 07:36 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\libegl.dll
2018-05-21 05:43 - 2018-05-21 05:44 - 000084992 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-05-09 05:45 - 2018-05-09 05:45 - 001873120 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2016-10-17 21:10 - 2016-10-17 21:10 - 001948688 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\LMUD1O4Z.DLL
2016-10-17 21:10 - 2016-10-17 21:10 - 000905744 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\LMUD1O4A.DLL
2016-10-17 21:10 - 2016-10-17 21:10 - 000034832 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\LMUD1O40.DLL
2018-06-11 05:42 - 2018-06-11 05:42 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-06-11 05:42 - 2018-06-11 05:42 - 067232256 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-03-17 12:57 - 2018-03-17 12:59 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-05-30 11:23 - 2018-05-30 11:24 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-05-30 11:23 - 2018-05-30 11:24 - 004214784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-04-26 05:33 - 2018-04-26 05:35 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-05-30 11:23 - 2018-05-30 11:24 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-04-05 03:53 - 2018-04-05 03:54 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-06-11 05:42 - 2018-06-11 05:42 - 014851072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-05-30 11:23 - 2018-05-30 11:24 - 004058624 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-06-11 05:42 - 2018-06-11 05:42 - 003266048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-05-30 11:23 - 2018-05-30 11:24 - 001393664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-05-30 11:23 - 2018-05-30 11:24 - 004218080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-30 11:23 - 2018-05-30 11:24 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-06-11 05:42 - 2018-06-11 05:42 - 000165376 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\SKU.dll
2018-06-08 10:31 - 2018-06-04 11:28 - 031282688 _____ () C:\Users\kos\AppData\Local\Google\Chrome\User Data\PepperFlash\30.0.0.113\pepflashplayer.dll
2018-03-17 12:19 - 2018-06-14 05:59 - 000034448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2018-03-17 12:19 - 2013-07-03 21:32 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2018-06-07 05:35 - 2018-06-04 12:18 - 001107272 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-06-07 05:35 - 2018-06-04 12:18 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-03-19 07:26 - 2018-06-04 12:21 - 000106816 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2018-03-19 07:26 - 2018-06-04 12:20 - 000025408 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2018-03-19 07:26 - 2018-06-04 12:20 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2018-03-19 07:26 - 2018-06-04 12:21 - 000042312 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2018-03-19 07:26 - 2018-06-04 12:20 - 000700736 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2018-06-07 05:35 - 2018-06-04 12:19 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2018-03-19 07:26 - 2018-06-04 12:21 - 000137032 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2018-06-07 05:35 - 2018-06-04 12:19 - 001845600 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-06-07 05:35 - 2018-06-04 12:19 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-06-07 05:35 - 2018-06-04 12:20 - 000123200 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2018-03-19 07:26 - 2018-06-04 12:20 - 000112448 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2018-03-19 07:26 - 2018-06-04 12:21 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-06-07 05:35 - 2018-06-04 12:19 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2018-03-19 07:26 - 2018-06-04 12:20 - 000031040 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2018-06-07 05:35 - 2018-06-04 12:19 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2018-06-07 05:35 - 2018-06-04 12:20 - 000399168 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2018-03-19 07:26 - 2018-06-04 12:21 - 000049984 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2018-06-07 05:35 - 2018-06-04 12:19 - 000027456 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2018-03-19 07:26 - 2018-06-04 12:20 - 000131392 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2018-03-19 07:26 - 2018-06-04 12:21 - 000120648 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2018-03-19 07:26 - 2018-06-04 12:20 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2018-03-19 07:26 - 2018-06-04 12:21 - 000028000 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2018-03-19 07:26 - 2018-06-04 12:20 - 000030536 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2018-03-19 07:26 - 2018-06-04 12:20 - 000182080 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2018-03-19 07:26 - 2018-06-04 12:20 - 000036672 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2018-03-19 07:26 - 2018-06-04 12:20 - 000032576 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2018-03-19 07:26 - 2018-06-04 12:21 - 000055104 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2018-03-19 07:26 - 2018-06-04 12:20 - 000064320 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2018-03-19 07:26 - 2018-06-04 12:21 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2018-06-07 05:35 - 2018-06-04 12:19 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2018-06-07 05:35 - 2018-06-04 12:19 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2018-03-19 07:26 - 2018-06-04 12:21 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2018-03-19 07:26 - 2018-06-04 12:21 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2018-06-07 05:35 - 2018-06-04 12:19 - 000152384 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2018-06-07 05:35 - 2018-06-04 12:20 - 003863880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-03-19 07:26 - 2018-06-04 12:20 - 000091448 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2018-06-07 05:35 - 2018-06-04 12:20 - 001798464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2018-06-07 05:35 - 2018-06-04 12:20 - 001959232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2018-03-19 07:26 - 2018-06-04 12:21 - 000035136 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2018-06-07 05:35 - 2018-06-04 12:20 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-06-07 05:35 - 2018-06-04 12:20 - 000521544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-06-07 05:35 - 2018-06-04 12:20 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-06-07 05:35 - 2018-06-04 12:20 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-06-07 05:35 - 2018-06-04 12:20 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-06-07 05:35 - 2018-06-04 12:20 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-06-07 05:35 - 2018-06-04 12:20 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2018-03-19 07:26 - 2018-06-04 12:21 - 000067392 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2018-03-19 07:26 - 2018-06-04 12:21 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2018-03-19 07:26 - 2018-06-04 12:21 - 000030528 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2018-03-19 07:26 - 2018-06-04 12:21 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2018-03-19 07:26 - 2018-06-04 12:21 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2018-03-19 07:26 - 2018-06-04 12:21 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2018-03-19 07:26 - 2018-06-04 12:21 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-06-07 05:35 - 2018-06-04 12:19 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2018-03-19 07:26 - 2018-06-04 12:21 - 000355648 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2018-06-07 05:35 - 2018-06-04 12:20 - 000101704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2018-03-19 07:26 - 2018-06-04 12:21 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-06-07 05:35 - 2018-06-04 12:19 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-06-07 05:35 - 2018-06-04 12:18 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-06-07 05:35 - 2018-06-04 12:19 - 000032608 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2018-06-07 05:35 - 2018-06-04 12:18 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2018-03-19 07:26 - 2018-06-04 12:21 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-06-07 05:35 - 2018-06-04 12:19 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-03-19 07:26 - 2018-06-04 12:21 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-06-07 05:35 - 2018-06-04 12:19 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-06-07 05:35 - 2018-06-04 12:19 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-03-19 07:26 - 2018-06-04 12:21 - 000087904 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2018-03-19 07:26 - 2018-06-04 12:21 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-06-07 05:35 - 2018-06-04 12:20 - 000546632 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2018-06-07 05:35 - 2018-06-04 12:20 - 000359744 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2018-06-11 05:42 - 2018-06-11 05:43 - 084307344 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\libcef.dll
2018-06-11 05:42 - 2018-06-11 05:43 - 003738000 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\libglesv2.dll
2018-06-11 05:42 - 2018-06-11 05:43 - 000088464 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2017-03-18 23:01 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4158694343-2787186292-2830082996-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{79B3FF9D-2A08-44A9-8405-930F57A2E950}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [TCP Query User{31F8489F-7505-4166-B33D-D2BE64AEA667}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [TCP Query User{6674B590-EF0D-4B83-AE85-AB316208A4AA}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [UDP Query User{C94AD2C4-F9B7-4142-9CCF-CA1854D12953}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [{EE5F720E-2240-4A09-913F-1B3FC566BF2F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [TCP Query User{59F58F96-1E11-4C93-88F7-5FBB906D0DB3}C:\users\kos\appdata\local\nylasmail\app-2.0.32\nylas.exe] => (Allow) C:\users\kos\appdata\local\nylasmail\app-2.0.32\nylas.exe
FirewallRules: [UDP Query User{616E2E02-E11B-4E08-B028-FD7AF959A2AF}C:\users\kos\appdata\local\nylasmail\app-2.0.32\nylas.exe] => (Allow) C:\users\kos\appdata\local\nylasmail\app-2.0.32\nylas.exe
FirewallRules: [{885CA812-7BE2-4F6A-9723-F60F546297A0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{2F1C9A76-1E42-4726-AE7B-C338FA90FD09}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{75A23649-3131-4613-B586-DC7877AE6097}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{C00D48D3-1432-4435-9ECC-232A92219705}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{2A5D5F97-DF99-435F-86A0-EE16519F11B0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{2A074341-130E-45B6-BC7B-19D1E947C350}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{9780CD9A-C3F8-4F81-BED0-879FFFCFDE51}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{DA6DEF4D-9CAD-45D8-9964-47366CEA083A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{70D304EF-9514-4246-9F38-34F9E29C7018}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{93CE519A-B534-47C6-B3AB-30AB940D79A7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{9BB51A4C-D55E-4C24-A8FC-146AA539905D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

28-05-2018 07:46:27 Naplánovaný kontrolní bod
05-06-2018 09:01:21 Naplánovaný kontrolní bod
08-06-2018 10:59:23 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649
13-06-2018 05:48:54 Windows Update
14-06-2018 09:58:28 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/15/2018 05:43:38 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/14/2018 05:30:58 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/13/2018 10:07:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: CRWindowsClientService.exe, verze: 1.6.1.0, časové razítko: 0x59b6762b
Název chybujícího modulu: CRWindowsClientService.exe, verze: 1.6.1.0, časové razítko: 0x59b6762b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000014c2b
ID chybujícího procesu: 0x2eb0
Čas spuštění chybující aplikace: 0x01d402ed81c7e74b
Cesta k chybující aplikaci: C:\Program Files\Adobe\Adobe Photoshop CC 2018\CRWindowsClientService.exe
Cesta k chybujícímu modulu: C:\Program Files\Adobe\Adobe Photoshop CC 2018\CRWindowsClientService.exe
ID zprávy: 67f9af43-2e79-4a79-b7df-6a9075686157
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (06/13/2018 07:27:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: jucheck.exe, verze: 2.8.60.27, časové razítko: 0x55c117d5
Název chybujícího modulu: jucheck.exe, verze: 2.8.60.27, časové razítko: 0x55c117d5
Kód výjimky: 0x40000015
Posun chyby: 0x00052d24
ID chybujícího procesu: 0x13e0
Čas spuštění chybující aplikace: 0x01d402d730920ba0
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
ID zprávy: 3773f40b-08a2-404b-b9b1-761618d1f8b8
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (06/13/2018 07:12:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 67.0.3396.79, časové razítko: 0x5b172fd3
Název chybujícího modulu: pepflashplayer.dll, verze: 30.0.0.113, časové razítko: 0x5b11e56a
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000dd9c30
ID chybujícího procesu: 0x27fc
Čas spuštění chybující aplikace: 0x01d402d51da1e0cc
Cesta k chybující aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: C:\Users\kos\AppData\Local\Google\Chrome\User Data\PepperFlash\30.0.0.113\pepflashplayer.dll
ID zprávy: 90a3939d-9a28-4638-9898-1f4ddc330023
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (06/13/2018 06:47:46 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program soffice.bin verze 5.4.5.1 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 2160

Čas spuštění: 01d402ce99d44272

Čas ukončení: 59

Cesta k aplikaci: C:\Program Files\LibreOffice 5\program\soffice.bin

ID hlášení: 39248766-e35c-4350-846e-db70190539b2

Úplný název balíčku s chybou: 

ID aplikace související s balíčkem s chybou:

Error: (06/13/2018 05:37:15 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/12/2018 05:42:55 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (06/14/2018 06:09:09 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-7QCSSFM)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli DESKTOP-7QCSSFM\kos (SID: S-1-5-21-4158694343-2787186292-2830082996-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0 – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/14/2018 06:08:01 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-7QCSSFM)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli DESKTOP-7QCSSFM\kos (SID: S-1-5-21-4158694343-2787186292-2830082996-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/14/2018 06:01:07 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID 
Windows.SecurityCenter.WscDataProtection
 a APPID 
Není k dispozici
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/14/2018 05:58:40 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PDFsam Enhanced 4 Manager byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/14/2018 05:58:40 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba DbxSvc byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/14/2018 05:58:40 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Box Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/14/2018 05:58:40 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (06/14/2018 05:58:40 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ASUS Com Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2018-06-15 07:33:48.521
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0
Název: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\kos\Desktop\FRSTLauncher.exe;webfile:_C:\Users\kos\Desktop\FRSTLauncher.exe|http://viry.xf.cz/pro_usery/FRSTLauncher.exe|pid:9400,ProcessStart:131734228805313565
Původ zjišťování: Internet
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-7QCSSFM\kos
Název procesu: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Verze podpisu: AV: 1.269.1280.0, AS: 1.269.1280.0, NIS: 1.269.1280.0
Verze modulu: AM: 1.1.14901.4, NIS: 1.1.14901.4

Date: 2018-06-15 07:33:48.378
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0
Název: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\kos\Desktop\FRSTLauncher.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-7QCSSFM\kos
Název procesu: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Verze podpisu: AV: 1.269.1280.0, AS: 1.269.1280.0, NIS: 1.269.1280.0
Verze modulu: AM: 1.1.14901.4, NIS: 1.1.14901.4

Date: 2018-06-15 07:24:10.504
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4ECC0ED4-A713-423D-86A9-8A5DE6BAFABA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-06-15 06:11:47.027
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {5AD719FD-09F6-4509-AC59-9568BB5C4247}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-06-15 05:40:39.555
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {76BD80D4-ACB0-48A7-960C-6B7B63B2FEBE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===================================

Date: 2018-06-13 14:23:41.666
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Box\Box\BoxShellExtShim-1.13.83.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-13 14:23:41.653
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Box\Box\BoxShellExtShim-1.13.83.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-13 14:23:41.630
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Box\Box\BoxShellExtShim-1.13.83.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-13 14:23:41.618
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Box\Box\BoxShellExtShim-1.13.83.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-13 14:23:41.605
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Box\Box\BoxShellExtShim-1.13.83.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-13 14:23:41.592
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Box\Box\BoxShellExtShim-1.13.83.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-13 14:23:41.579
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Box\Box\BoxShellExtShim-1.13.83.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-13 14:23:41.567
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Box\Box\BoxShellExtShim-1.13.83.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz
Percentage of memory in use: 61%
Total physical RAM: 8060.47 MB
Available physical RAM: 3137.26 MB
Total Virtual: 30711.46 MB
Available Virtual: 2903.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231.93 GB) (Free:98.41 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:784.37 GB) NTFS

\\?\Volume{719178b0-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{719178b0-0000-0000-0000-001b3a000000}\ () (Fixed) (Total:0.46 GB) (Free:0.09 GB) NTFS
\\?\Volume{9fd3900c-2cf1-11e8-9fe1-f0795991fe9d}\ (Box) (Network) (Total:231.93 GB) (Free:98.41 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: B2F72702)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 719178B0)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=472 MB) - (Type=27)

==================== End of Addition.txt ============================