Dobrý den,
po každém startu počítače se mi ve složce C:\Users\Monika\AppData\Local\Temp objeví soubor a.txt, který je vždy programem RogueKiller označen jako hrozba. Po vymazání a následném restartu počítače se soubor objeví znovu. Žádný jiný projev jsem nezaznamenala, snad jen to, že je počítač poslední dobou pomalejší. Ráda bych se dozvěděla, zda se jedná o něco škodlivého a jestli je možné to nějak vyřešit.
Předem děkuji.
Obsah souboru a.txt:
<title>data.lds.com.cn 售卖中</title><iframe src="https://wanwang.aliyun.com/nametrade/do ... lds.com.cn" style="width:100%;border:none;height:1500px;"></iframe>
RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Monika at 2019-02-25 23:09:22
Microsoft Windows 10 Home
System drive C: has 31 GB (15%) free of 212 GB
Total RAM: 8098 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:09:25, on 25.02.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
C:\Program Files (x86)\Sticky Password\spNMHost.exe
C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
C:\Program Files (x86)\PSPad editor\PSPad.exe
C:\Program Files\trend micro\Monika.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE01DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
O4 - HKLM\..\Run: [DSATray] C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
O4 - HKCU\..\Run: [TSMApplication] "C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O4 - Startup: Bug Shooting 2.lnk = C:\Program Files\Bug Shooting 2\BugShooting2.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://hpalm.vse.cz
O15 - Trusted Zone: http://*.webcompanion.com
O16 - DPF: {80533188-4435-4040-AC3E-91B489C02F21} (ALM Platform Loader v12.2x) - http://hpalm.vse.cz/qcbin/ALM-Platform-Loader.12.2x.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACt ... 3412793224
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\elevation_service.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: AVControlCenter - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: CCSDK - Unknown owner - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Intel(R) Driver & Support Assistant (DSAService) - Intel - C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: FastbootService - Lenovo - C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GDCAgent - Unknown owner - C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.109\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service (Intel(R) ME Service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) SUR QC Software Asset Manager (Intel(R) SUR QC SAM) - Intel Corporation - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo OKO Service - Lenovo(beijing) Limited - C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe
O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo AVFramework Camera Privacy Controller (LENOVO.CAMMUTE) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\cammute.exe
O23 - Service: Lenovo AVFramework Microphone Volume Controller and Dolby Interface (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
O23 - Service: Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo PAWD Service (LenovoPAWDService) - Unknown owner - C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
O23 - Service: LenovoSetSvr - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe
O23 - Service: lupdate (LenovoUpdate) - Unknown owner - C:\WINDOWS\System32\LenovoUpdate.exe (file missing)
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Wireless Controller Service - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
O23 - Service: OKOControlSvc - Lenovo(beijing) Limited - C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: PGService - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
O23 - Service: PG_Service_Launcher - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
O23 - Service: ymc - Lenovo - C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
--
End of file - 17884 bytes
======Listing Processes======
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-55aa0e12-d50b-4ac8-886a-35b6ae883636 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-c24a038a-caca-4051-962c-e367d1ba0649 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-f601a8ec-fb51-4437-8706-e8cdbb591bb6 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-e34850ba-1c63-41ae-b58b-b8f8b793e9fd -LifetimeId:78dedc52-5a79-4014-942a-72212b3bb594 -DeviceGroupId:WudfDefaultDevicePool
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
winlogon.exe
"fontdrvhost.exe"
"dwm.exe"
c:\windows\system32\svchost.exe -k networkservice -s TermService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -s CertPropSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-46277590-975c-4fba-b0a4-060f301161e4 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-12a57e34-c93a-44ee-bb73-2080fc04a023 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-82cb6bc9-1915-4bce-9c34-74d6f3d9609c -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-5478e82e-86eb-4354-989a-4ca8684ebc8b -LifetimeId:dae71f73-8998-48ac-b575-910f7c6028d2 -DeviceGroupId:
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -p -s SessionEnv
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-d332843a-57f2-4ce2-b4ef-e052c8d2d53e -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-c873265a-9c4e-4f57-9150-427c1ab60cd9 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-e675c109-4983-4481-b2ed-8cfeff021101 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-71bb19f7-460e-4b3f-8825-7aeb89e8e324 -LifetimeId:579783df-803a-4652-8145-29c013425cab -DeviceGroupId:
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s Eaphost
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s dot3svc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
C:\WINDOWS\system32\WLANExt.exe 2494225163792
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe"
"C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
"C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe"
"C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe"
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe"
"C:\Program Files (x86)\Origin\OriginWebHelperService.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe"
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
"C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe"
dashost.exe {3cf81c94-4bfb-4a1a-8105bfe10cd50502}
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe" -Embedding
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
System32\LenovoUpdate.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
"c:\program files\avast software\avast\aswEngSrv.exe" /pipename="E6A53005-0FBB-6723-3F75-ECBB4E6C4F21" /binpath="c:\program files\avast software\avast"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -c
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
sihost.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files\RogueKiller\RogueKiller64.exe" -minimize
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
"C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe"
igfxEM.exe
igfxHK.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
igfxTray.exe
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe"
"C:\Program Files\TortoiseSVN\bin\TSVNCache.exe"
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.222.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.222.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe" -ServerName:Microsoft.MicrosoftOfficeHub.AppX6an27ssxm1kq22j0wm54a996rsgjh8an.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe" AutoRun
"C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe"
"C:\Program Files\Lenovo\LenovoUtility\utility.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe" /run
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OnekeyOptimizerUpdata.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
AvastUI.exe /nogui
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Windows\RTFTrack.exe"
"C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\Bug Shooting 2\BugShooting2.exe"
"C:\Program Files (x86)\Intel Driver and Support Assistant\DSATray.exe"
"C:\Program Files\Microsoft Office\root\Office16\lync.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --flag-switches-begin --flag-switches-end --restore-last-session
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Monika\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Monika\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=72.0.3626.109 --initial-client-data=0x8,0x1e4,0x1e8,0x9c,0x1ec,0x7ffb27985510,0x7ffb27985520,0x7ffb27985530
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=12712 --on-initialized-event-handle=688 --parent-handle=692 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1636,2612801043629173818,2223061676761880812,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=4388521217997462030 --mojo-platform-channel-handle=1772 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1636,2612801043629173818,2223061676761880812,131072 --lang=cs --service-sandbox-type=network --service-request-channel-token=9878784304396126264 --mojo-platform-channel-handle=1972 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,2612801043629173818,2223061676761880812,131072 --service-pipe-token=4642616990343498277 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4642616990343498277 --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2572 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,2612801043629173818,2223061676761880812,131072 --service-pipe-token=14506475511764822294 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=14506475511764822294 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2592 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,2612801043629173818,2223061676761880812,131072 --service-pipe-token=9591061842318222978 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9591061842318222978 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2756 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,2612801043629173818,2223061676761880812,131072 --service-pipe-token=665858531901785812 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=665858531901785812 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2772 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,2612801043629173818,2223061676761880812,131072 --service-pipe-token=3081263303453639030 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3081263303453639030 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2748 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,2612801043629173818,2223061676761880812,131072 --service-pipe-token=15045087952097318201 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15045087952097318201 --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4196 /prefetch:1
C:\WINDOWS\system32\cmd.exe /d /c "C:\Program Files (x86)\Sticky Password\spNMHost.exe" chrome-extension://bnfdmghkeppfadphbnkjcicejfepnbfe/ --parent-window=0 < \\.\pipe\chrome.nativeMessaging.in.d3093eab85387755 > \\.\pipe\chrome.nativeMessaging.out.d3093eab85387755
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
"C:\Program Files (x86)\Sticky Password\spNMHost.exe" chrome-extension://bnfdmghkeppfadphbnkjcicejfepnbfe/ --parent-window=0
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,2612801043629173818,2223061676761880812,131072 --service-pipe-token=8161471547500237194 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8161471547500237194 --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6812 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,2612801043629173818,2223061676761880812,131072 --service-pipe-token=2731761683185378520 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2731761683185378520 --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6444 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,2612801043629173818,2223061676761880812,131072 --service-pipe-token=13300334332594398197 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13300334332594398197 --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5900 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,2612801043629173818,2223061676761880812,131072 --service-pipe-token=5348188967337742570 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5348188967337742570 --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5860 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,2612801043629173818,2223061676761880812,131072 --service-pipe-token=8961828820773714877 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8961828820773714877 --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5884 /prefetch:1
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Users\Monika\AppData\Local\Apps\2.0\2ANX2TA9.V90\07XAGT6M.280\lsb...tion_2d7b41b05b24775e_0001.0006_3b0a905c8de4f74a\LSB.exe"
"C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
"C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\rempl\sedsvc.exe"
c:\windows\system32\svchost.exe -k netsvcs -p
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.222.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe" /InvokerPRAID: App
"C:\Program Files\Lenovo\Communications Utility\tpknrres.exe"
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizer.exe" /hide
"C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe" 1 1 1 1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,2612801043629173818,2223061676761880812,131072 --service-pipe-token=17499747792380332144 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17499747792380332144 --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2888 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,2612801043629173818,2223061676761880812,131072 --service-pipe-token=10111746542862429797 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10111746542862429797 --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2780 /prefetch:1
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,2612801043629173818,2223061676761880812,131072 --service-pipe-token=2579832129675845358 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2579832129675845358 --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8292 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,2612801043629173818,2223061676761880812,131072 --service-pipe-token=17996569959197313558 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17996569959197313558 --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8852 /prefetch:1
"C:\Program Files (x86)\PSPad editor\PSPad.exe" "C:\Users\Monika\AppData\Local\Temp\a.html"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,2612801043629173818,2223061676761880812,131072 --service-pipe-token=10962376081413749748 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10962376081413749748 --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8996 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,2612801043629173818,2223061676761880812,131072 --service-pipe-token=11510378650976781978 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11510378650976781978 --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8060 /prefetch:1
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,2612801043629173818,2223061676761880812,131072 --service-pipe-token=14122663200758293986 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=14122663200758293986 --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9996 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,2612801043629173818,2223061676761880812,131072 --service-pipe-token=18079271606399352942 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=18079271606399352942 --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7680 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 728 732 740 8192 736
C:\WINDOWS\system32\AUDIODG.EXE 0x558
"C:\Users\Monika\Downloads\RSITx64.exe"
=========Mozilla firefox=========
ProfilePath - C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\e0hdmxxq.default
prefs.js - "browser.startup.homepage" - "https://search.yahoo.com/yhs/web?hspart ... 0713__yaff"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.121.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.121.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.121.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.121.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\e0hdmxxq.default\searchplugins\
yahoo-lavasoft-ff59.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-01-20 204880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-03-03 571456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-03 234560]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-01-20 152104]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-03-03 473152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2019-02-16 2264144]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-03 186944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"AutoStartTransition"=C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [2015-08-08 294672]
"LenovoUtility"=C:\Program Files\Lenovo\LenovoUtility\utility.exe [2015-08-08 791368]
"OneKeyOptimizer"=C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe [2015-06-19 604968]
"LMCSSTART1"=C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [2015-03-23 30152]
"LMCSSTART2"=C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [2015-03-23 30152]
"LMCSSTART3"=C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [2015-03-23 30152]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2013-09-04 280576]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-02-11 259976]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-01-26 1392496]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-01-26 1392496]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-01-26 1392496]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2015-06-02 9308416]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Web Companion"=C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize []
"TSMApplication"=C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [2018-12-10 1623040]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Cisco AnyConnect Secure Mobility Agent for Windows"=C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2016-12-09 1207808]
"DSATray"=C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [2019-01-02 126200]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-02-11 259976]
C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Bug Shooting 2.lnk - C:\Program Files\Bug Shooting 2\BugShooting2.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"Max Cached Icons"=2000
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"
======List of files/folders created in the last 1 month======
2019-02-25 22:48:37 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2019-02-25 22:48:27 ----A---- C:\WINDOWS\system32\drivers\farflt.sys
2019-02-25 22:48:26 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2019-02-25 22:48:23 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2019-02-25 22:06:14 ----A---- C:\WINDOWS\system32\drivers\truesight.sys
2019-02-25 21:29:44 ----A---- C:\WINDOWS\system32\drivers\MbamChameleon.sys
2019-02-25 21:29:32 ----A---- C:\WINDOWS\system32\drivers\MbamElam.sys
2019-02-25 21:29:27 ----A---- C:\WINDOWS\system32\drivers\mbae64.sys
2019-02-19 17:38:37 ----D---- C:\Program Files\Common Files\DESIGNER
2019-02-13 18:57:02 ----A---- C:\WINDOWS\SYSWOW64\GlobCollationHost.dll
2019-02-13 18:57:02 ----A---- C:\WINDOWS\system32\GlobCollationHost.dll
2019-02-13 18:57:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-13 18:57:01 ----A---- C:\WINDOWS\SYSWOW64\smartscreenps.dll
2019-02-13 18:57:01 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2019-02-13 18:57:01 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2019-02-13 18:57:01 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2019-02-13 18:57:00 ----A---- C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-02-13 18:57:00 ----A---- C:\WINDOWS\system32\cdp.dll
2019-02-13 18:56:59 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2019-02-13 18:56:59 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2019-02-13 18:56:59 ----A---- C:\WINDOWS\system32\drivers\bindflt.sys
2019-02-13 18:56:59 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-02-13 18:56:58 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2019-02-13 18:56:58 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2019-02-13 18:56:58 ----A---- C:\WINDOWS\system32\spacebridge.dll
2019-02-13 18:56:57 ----A---- C:\WINDOWS\system32\svchost.exe
2019-02-13 18:56:57 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2019-02-13 18:56:57 ----A---- C:\WINDOWS\system32\drivers\exfat.sys
2019-02-13 18:56:57 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-13 18:56:56 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2019-02-13 18:56:56 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-13 18:56:56 ----A---- C:\WINDOWS\system32\StorSvc.dll
2019-02-13 18:56:55 ----A---- C:\WINDOWS\system32\hal.dll
2019-02-13 18:56:55 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2019-02-13 18:56:55 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2019-02-13 18:56:55 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2019-02-13 18:56:54 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2019-02-13 18:56:54 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2019-02-13 18:56:54 ----A---- C:\WINDOWS\HelpPane.exe
2019-02-13 18:56:53 ----A---- C:\WINDOWS\system32\jscript9.dll
2019-02-13 18:56:53 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2019-02-13 18:56:52 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2019-02-13 18:56:52 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2019-02-13 18:56:52 ----A---- C:\WINDOWS\system32\hvax64.exe
2019-02-13 18:56:52 ----A---- C:\WINDOWS\system32\drivers\spacedump.sys
2019-02-13 18:56:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2019-02-13 18:56:51 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2019-02-13 18:56:51 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-13 18:56:51 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-13 18:56:50 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2019-02-13 18:56:50 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2019-02-13 18:56:50 ----A---- C:\WINDOWS\system32\rmclient.dll
2019-02-13 18:56:49 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2019-02-13 18:56:49 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2019-02-13 18:56:49 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-13 18:56:48 ----A---- C:\WINDOWS\SYSWOW64\itss.dll
2019-02-13 18:56:48 ----A---- C:\WINDOWS\system32\win32kfull.sys
2019-02-13 18:56:48 ----A---- C:\WINDOWS\system32\sppsvc.exe
2019-02-13 18:56:47 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-02-13 18:56:47 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2019-02-13 18:56:46 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2019-02-13 18:56:46 ----A---- C:\WINDOWS\system32\ieframe.dll
2019-02-13 18:56:46 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-02-13 18:56:44 ----A---- C:\WINDOWS\system32\hvix64.exe
2019-02-13 18:56:44 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2019-02-13 18:56:43 ----A---- C:\WINDOWS\system32\wintrust.dll
2019-02-13 18:56:43 ----A---- C:\WINDOWS\system32\windows.storage.dll
2019-02-13 18:56:43 ----A---- C:\WINDOWS\system32\oleaut32.dll
2019-02-13 18:56:42 ----A---- C:\WINDOWS\system32\wuuhext.dll
2019-02-13 18:56:42 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-13 18:56:42 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-02-13 18:56:41 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-02-13 18:56:41 ----A---- C:\WINDOWS\system32\msxml6.dll
2019-02-13 18:56:40 ----A---- C:\WINDOWS\system32\netprofmsvc.dll
2019-02-13 18:56:40 ----A---- C:\WINDOWS\system32\msi.dll
2019-02-13 18:56:40 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2019-02-13 18:56:40 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-13 18:56:40 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-13 18:56:39 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2019-02-13 18:56:39 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2019-02-13 18:56:38 ----A---- C:\WINDOWS\system32\itss.dll
2019-02-13 18:56:38 ----A---- C:\WINDOWS\system32\edgeIso.dll
2019-02-13 18:56:38 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2019-02-13 18:56:37 ----A---- C:\WINDOWS\system32\mshtml.dll
2019-02-13 18:56:36 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-13 18:56:33 ----A---- C:\WINDOWS\system32\mfcore.dll
2019-02-13 18:56:33 ----A---- C:\WINDOWS\system32\edgehtml.dll
2019-02-13 18:56:32 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2019-02-13 18:56:30 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2019-02-13 18:56:30 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2019-02-13 18:56:30 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2019-02-13 18:56:25 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-13 18:56:25 ----A---- C:\WINDOWS\system32\browser_broker.exe
2019-02-13 18:56:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-13 18:56:18 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-02-13 18:56:10 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2019-02-13 18:56:10 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2019-02-13 18:56:09 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2019-02-13 18:56:09 ----A---- C:\WINDOWS\system32\wininet.dll
2019-02-13 18:56:08 ----A---- C:\WINDOWS\system32\winresume.exe
2019-02-13 18:56:08 ----A---- C:\WINDOWS\system32\winload.exe
2019-02-13 18:56:08 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2019-02-13 18:56:08 ----A---- C:\WINDOWS\system32\KernelBase.dll
2019-02-13 18:56:08 ----A---- C:\WINDOWS\system32\hvloader.dll
2019-02-13 18:56:07 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2019-02-13 18:56:07 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2019-02-13 18:56:07 ----A---- C:\WINDOWS\system32\wldp.dll
2019-02-13 18:56:07 ----A---- C:\WINDOWS\system32\ntdll.dll
2019-02-13 18:56:07 ----A---- C:\WINDOWS\system32\iertutil.dll
2019-02-13 18:56:06 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2019-02-13 18:56:06 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-13 18:56:06 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2019-02-13 18:56:06 ----A---- C:\WINDOWS\system32\smartscreenps.dll
2019-02-13 18:56:06 ----A---- C:\WINDOWS\system32\smartscreen.exe
2019-02-13 18:56:06 ----A---- C:\WINDOWS\system32\gdi32full.dll
2019-02-13 18:56:06 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-13 18:56:05 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MixedRealityCapture.dll
2019-02-13 18:56:05 ----A---- C:\WINDOWS\SYSWOW64\MSPhotography.dll
2019-02-13 18:56:05 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2019-02-13 18:56:05 ----A---- C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-02-13 18:56:05 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2019-02-13 18:56:05 ----A---- C:\WINDOWS\system32\MSPhotography.dll
2019-02-13 18:56:04 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2019-02-13 18:56:04 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-13 18:56:04 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-13 18:56:03 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2019-02-13 18:56:03 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2019-02-13 18:56:03 ----A---- C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-02-13 18:56:03 ----A---- C:\WINDOWS\system32\browserbroker.dll
2019-02-13 18:56:02 ----A---- C:\WINDOWS\SYSWOW64\spacebridge.dll
2019-02-13 18:56:02 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2019-02-13 18:56:02 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2019-02-13 18:56:02 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2019-02-13 18:56:02 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2019-02-13 18:56:02 ----A---- C:\WINDOWS\system32\mfps.dll
2019-02-13 18:56:02 ----A---- C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-02-13 18:56:01 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2019-02-13 18:56:01 ----A---- C:\WINDOWS\SYSWOW64\svchost.exe
2019-02-13 18:56:01 ----A---- C:\WINDOWS\SYSWOW64\rmclient.dll
2019-02-13 18:56:01 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2019-02-13 18:56:01 ----A---- C:\WINDOWS\SYSWOW64\msrd2x40.dll
2019-02-13 18:56:01 ----A---- C:\WINDOWS\SYSWOW64\mf3216.dll
2019-02-13 18:56:01 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2019-02-13 18:56:01 ----A---- C:\WINDOWS\system32\winhttp.dll
2019-02-13 18:56:01 ----A---- C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-13 18:56:01 ----A---- C:\WINDOWS\system32\msvproc.dll
2019-02-13 18:56:01 ----A---- C:\WINDOWS\system32\mf3216.dll
2019-02-13 18:56:01 ----A---- C:\WINDOWS\system32\kernel32.dll
2019-02-13 18:56:01 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2019-02-13 18:56:01 ----A---- C:\WINDOWS\system32\acmigration.dll
2019-02-13 18:56:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-13 18:56:00 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2019-02-13 18:56:00 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2019-02-13 18:56:00 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2019-02-13 18:55:59 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2019-02-13 18:55:59 ----A---- C:\WINDOWS\system32\smss.exe
2019-02-13 18:55:59 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2019-02-13 18:55:58 ----A---- C:\WINDOWS\SYSWOW64\NtlmShared.dll
2019-02-13 18:55:58 ----A---- C:\WINDOWS\system32\NtlmShared.dll
2019-02-13 18:55:58 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2019-02-13 18:55:57 ----A---- C:\WINDOWS\SYSWOW64\npmproxy.dll
2019-02-13 18:55:57 ----A---- C:\WINDOWS\SYSWOW64\CapabilityAccessManagerClient.dll
2019-02-13 18:55:57 ----A---- C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-02-13 18:55:57 ----A---- C:\WINDOWS\system32\npmproxy.dll
2019-02-13 18:55:57 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2019-02-13 18:55:56 ----A---- C:\WINDOWS\SYSWOW64\srpapi.dll
2019-02-13 18:55:56 ----A---- C:\WINDOWS\system32\srpapi.dll
2019-02-13 18:55:55 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2019-02-13 18:55:55 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2019-02-13 18:55:55 ----A---- C:\WINDOWS\system32\drivers\cdfs.sys
2019-02-13 18:46:14 ----A---- C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-02-11 09:42:42 ----A---- C:\WINDOWS\system32\aswBoot.exe
======List of files/folders modified in the last 1 month======
2019-02-25 23:09:25 ----D---- C:\WINDOWS\Prefetch
2019-02-25 23:09:24 ----D---- C:\WINDOWS\system32\drivers\etc
2019-02-25 23:09:23 ----D---- C:\Program Files\trend micro
2019-02-25 23:08:27 ----D---- C:\WINDOWS\Temp
2019-02-25 23:00:29 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-02-25 22:54:41 ----D---- C:\WINDOWS\System32
2019-02-25 22:54:41 ----D---- C:\WINDOWS\INF
2019-02-25 22:54:41 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-02-25 22:51:36 ----D---- C:\ProgramData\Lenovo
2019-02-25 22:48:41 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-02-25 22:48:37 ----D---- C:\WINDOWS\system32\drivers
2019-02-25 22:48:26 ----D---- C:\ProgramData\NVIDIA
2019-02-25 22:48:24 ----D---- C:\WINDOWS\system32\catroot2
2019-02-25 22:48:10 ----A---- C:\WINDOWS\system32\LenovoUpdate.exe
2019-02-25 22:48:10 ----A---- C:\WINDOWS\system32\LenovoCheck.exe
2019-02-25 22:48:09 ----A---- C:\WINDOWS\system32\wpbbin.exe
2019-02-25 22:47:45 ----D---- C:\WINDOWS\system32\sru
2019-02-25 22:24:41 ----D---- C:\Program Files (x86)\Steam
2019-02-25 21:29:42 ----D---- C:\ProgramData\Malwarebytes
2019-02-25 21:29:33 ----HD---- C:\ProgramData
2019-02-25 21:29:32 ----HD---- C:\WINDOWS\ELAMBKUP
2019-02-25 21:27:58 ----D---- C:\WINDOWS\system32\SleepStudy
2019-02-25 18:54:18 ----D---- C:\WINDOWS\system32\Tasks
2019-02-25 18:52:54 ----D---- C:\WINDOWS\system32\LogFiles
2019-02-25 09:21:32 ----RD---- C:\WINDOWS\Microsoft.NET
2019-02-25 08:52:29 ----D---- C:\WINDOWS\AppReadiness
2019-02-24 13:47:03 ----A---- C:\IFRToolLog.txt
2019-02-24 11:02:01 ----HD---- C:\Program Files\WindowsApps
2019-02-24 10:58:23 ----D---- C:\Windows
2019-02-23 20:26:21 ----D---- C:\WINDOWS\debug
2019-02-23 18:03:36 ----D---- C:\Program Files\RogueKiller
2019-02-23 16:46:12 ----D---- C:\Program Files (x86)\Intel Driver and Support Assistant
2019-02-21 23:38:24 ----D---- C:\Program Files (x86)\World of Warcraft
2019-02-21 19:17:32 ----SHD---- C:\WINDOWS\Installer
2019-02-21 19:17:31 ----SHD---- C:\Config.Msi
2019-02-21 19:17:14 ----D---- C:\WINDOWS\SysWOW64
2019-02-20 22:44:56 ----AD---- C:\Program Files\Microsoft Office
2019-02-20 22:42:53 ----D---- C:\WINDOWS\Logs
2019-02-20 15:07:56 ----D---- C:\Program Files (x86)\Sticky Password
2019-02-19 18:24:32 ----DC---- C:\Users\Monika\AppData\Roaming\Twitch
2019-02-19 17:38:37 ----D---- C:\Program Files\Common Files\microsoft shared
2019-02-19 17:38:37 ----D---- C:\Program Files\Common Files
2019-02-19 17:31:55 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2019-02-19 17:31:54 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2019-02-19 11:52:47 ----DC---- C:\Users\Monika\AppData\Roaming\pgAdmin
2019-02-18 19:38:07 ----D---- C:\WINDOWS\system32\config
2019-02-18 14:46:14 ----SHD---- C:\System Volume Information
2019-02-18 14:31:40 ----D---- C:\WINDOWS\WinSxS
2019-02-18 14:22:03 ----RSD---- C:\WINDOWS\assembly
2019-02-15 19:41:54 ----AD---- C:\Program Files\rempl
2019-02-14 17:49:05 ----D---- C:\WINDOWS\system32\MRT
2019-02-14 17:45:19 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-02-14 17:34:22 ----D---- C:\ProgramData\Realtek
2019-02-14 17:34:21 ----D---- C:\WINDOWS\system32\DriverStore
2019-02-14 17:33:04 ----SD---- C:\WINDOWS\SYSWOW64\F12
2019-02-14 17:33:04 ----SD---- C:\WINDOWS\system32\F12
2019-02-14 17:33:04 ----D---- C:\WINDOWS\TextInput
2019-02-14 17:33:04 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2019-02-14 17:33:04 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2019-02-14 17:33:04 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2019-02-14 17:33:04 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2019-02-14 17:33:04 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2019-02-14 17:33:04 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2019-02-14 17:33:04 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2019-02-14 17:33:04 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2019-02-14 17:33:04 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2019-02-14 17:33:04 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2019-02-14 17:33:04 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2019-02-14 17:33:04 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2019-02-14 17:33:04 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2019-02-14 17:33:04 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2019-02-14 17:33:04 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2019-02-14 17:33:04 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2019-02-14 17:33:04 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2019-02-14 17:33:04 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2019-02-14 17:33:04 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2019-02-14 17:33:04 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2019-02-14 17:33:04 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2019-02-14 17:33:04 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2019-02-14 17:33:04 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2019-02-14 17:33:04 ----D---- C:\WINDOWS\system32\zu-ZA
2019-02-14 17:33:04 ----D---- C:\WINDOWS\system32\yo-NG
2019-02-14 17:33:04 ----D---- C:\WINDOWS\system32\xh-ZA
2019-02-14 17:33:04 ----D---- C:\WINDOWS\system32\wo-SN
2019-02-14 17:33:04 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2019-02-14 17:33:04 ----D---- C:\WINDOWS\system32\tn-ZA
2019-02-14 17:33:04 ----D---- C:\WINDOWS\system32\ti-ET
2019-02-14 17:33:04 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2019-02-14 17:33:04 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2019-02-14 17:33:04 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2019-02-14 17:33:04 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2019-02-14 17:33:04 ----D---- C:\WINDOWS\system32\rw-RW
2019-02-14 17:33:04 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2019-02-14 17:33:04 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2019-02-14 17:33:04 ----D---- C:\WINDOWS\system32\nso-ZA
2019-02-14 17:33:04 ----D---- C:\WINDOWS\system32\migration
2019-02-14 17:33:04 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2019-02-14 17:33:04 ----D---- C:\WINDOWS\system32\ig-NG
2019-02-14 17:33:04 ----D---- C:\WINDOWS\system32\chr-CHER-US
2019-02-14 17:33:04 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2019-02-14 17:33:04 ----D---- C:\WINDOWS\system32\drivers\UMDF
2019-02-14 17:33:04 ----D---- C:\WINDOWS\system32\cs-CZ
2019-02-14 17:33:04 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2019-02-14 17:33:04 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2019-02-14 17:33:04 ----D---- C:\WINDOWS\system32\Boot
2019-02-14 17:33:04 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2019-02-14 17:33:03 ----RD---- C:\Program Files\Windows Defender
2019-02-14 17:33:03 ----D---- C:\WINDOWS\ShellExperiences
2019-02-14 17:33:03 ----D---- C:\WINDOWS\bcastdvr
2019-02-14 17:33:03 ----D---- C:\WINDOWS\apppatch
2019-02-14 17:33:03 ----D---- C:\Program Files\internet explorer
2019-02-14 17:33:03 ----D---- C:\Program Files (x86)\Internet Explorer
2019-02-13 19:02:12 ----D---- C:\WINDOWS\CbsTemp
2019-02-08 10:30:48 ----D---- C:\Program Files (x86)\Battle.net
2019-02-07 21:37:38 ----D---- C:\ProgramData\Packages
2019-02-04 08:56:58 ----D---- C:\ProgramData\RogueKiller
2019-02-02 23:53:16 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2019-02-01 10:51:26 ----D---- C:\Program Files (x86)\pgAdmin 4
2019-01-30 21:11:00 ----SD---- C:\WINDOWS\Downloaded Program Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswArDisk;aswArDisk; C:\WINDOWS\system32\drivers\aswArDisk.sys [2019-02-11 37104]
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2019-02-11 196072]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswblog.sys [2019-02-11 320696]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2019-02-11 57960]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2019-01-08 15488]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2019-02-11 87944]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2019-02-11 379952]
R0 Fastboot;Fastboot; C:\WINDOWS\System32\DRIVERS\Fastboot.sys [2015-10-22 72808]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2014-10-09 1398936]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 58168]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2019-02-11 205400]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2019-02-11 225680]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2019-02-11 249456]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2019-02-11 42288]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2019-02-11 112312]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2019-02-11 1034432]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2019-02-15 474456]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys [2019-01-08 153328]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R1 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2015-10-13 11552]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2019-02-11 167304]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2019-02-11 216784]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-07-14 414720]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2015-06-15 72216]
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [2019-02-25 198512]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 43008]
R3 ACPIVPC;@oem40.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2015-08-08 35064]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2018-04-12 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2018-09-13 7963576]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-02-03 4408792]
R3 KMDFVirtualKbd;@oem31.inf,%KMDFVirtualKbd.SVCDESC%;Lenovo Virtual Keyboard Device; C:\WINDOWS\System32\drivers\KMDFVirtualKbd.sys [2014-08-04 22264]
R3 KMDFVirtualMouse;@oem60.inf,%KMDFVirtualMouse.SVCDESC%;Lenovo Virtual Mouse Device; C:\WINDOWS\System32\drivers\KMDFVirtualMouse.sys [2014-08-04 21240]
R3 MBAMFarflt;MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [2019-02-25 127136]
R3 MBAMProtection;MBAMProtection; \??\C:\WINDOWS\system32\DRIVERS\mbam.sys [2019-02-25 72864]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [2019-02-25 274416]
R3 MBAMWebProtection;MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [2019-02-25 114040]
R3 MEIx64;@oem62.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2014-10-10 129312]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_dc8ffafad3ea7ddd\nvlddmkm.sys [2017-01-17 14190520]
R3 nvvad_WaveExtensible;@oem13.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2016-11-17 46016]
R3 rt640x64;@oem6.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-09-18 896736]
R3 RtkBtFilter;@oem20.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [2015-07-09 607512]
R3 rtsuvc;@oem54.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2015-06-02 3057920]
R3 RTWlanE;@oem16.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [2017-01-20 6625792]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 MbamElam;MbamElam; C:\WINDOWS\system32\DRIVERS\MbamElam.sys [2019-02-01 20936]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 acsock;acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [2016-12-09 244032]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-01-09 92704]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2018-12-08 1097728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 Hamachi;@oem44.inf,%Hamachi.Service.DispName%;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\System32\drivers\Hamdrv.sys [2016-06-07 45680]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-02-06 76088]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IntcDAud;@oem73.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2018-05-09 480176]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-11-17 27584]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-02-06 945680]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-12-16 83984]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-02-11 357304]
R2 AVControlCenter;AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [2015-03-23 560584]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2013-09-10 56832]
R2 CCSDK;CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2015-06-01 654776]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CDPUserSvc_667a5;CDPUserSvc_667a5; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2019-02-07 9678624]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DSAService;Intel(R) Driver & Support Assistant; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [2019-01-02 23288]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 FastbootService;FastbootService; C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe [2015-10-22 193640]
R2 GDCAgent;GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [2015-06-01 1122744]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-10-09 18584]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2018-09-13 353768]
R2 Intel(R) ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-10-10 132896]
R2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc); C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [2017-09-28 21304]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-10-10 158496]
R2 Lenovo OKO Service;Lenovo OKO Service; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe [2015-05-26 2730280]
R2 Lenovo Settings Service;Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2015-04-10 2016040]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-12-14 584664]
R2 LenovoPAWDService;Lenovo PAWD Service; C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe [2015-08-08 133440]
R2 LenovoSetSvr;LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe [2014-06-19 258544]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-08-26 218952]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-10-10 409376]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2019-02-01 6562472]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-11-17 462784]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2016-12-29 458176]
R2 NVIDIA Wireless Controller Service;NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [2016-11-17 1163712]
R2 OKOControlSvc;OKOControlSvc; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe [2015-06-19 367912]
R2 OneSyncSvc_667a5;OneSyncSvc_667a5; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2018-05-21 3028808]
R2 osrss;@%systemroot%\system32\osrss.dll,-500; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 PG_Service_Launcher;PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [2014-05-28 524552]
R2 PGService;PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [2014-05-28 167176]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2015-08-08 321520]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-02-11 6758976]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-07-08 43648]
R3 LenovoUpdate;lupdate; C:\WINDOWS\System32\LenovoUpdate.exe [2019-02-25 26608]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 PimIndexMaintenanceSvc_667a5;PimIndexMaintenanceSvc_667a5; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-06 164984]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-06 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-04-12 52832]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-06 164984]
S3 AvastSecureBrowserElevationService;Avast Secure Browser Elevation Service; C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\elevation_service.exe [2019-01-09 390552]
S3 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2019-02-11 57504]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BcastDVRUserService_667a5;BcastDVRUserService_667a5; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService_667a5;BluetoothUserService_667a5; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2018-09-13 376296]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc_667a5;DevicePickerUserSvc_667a5; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc_667a5;DevicesFlowUserSvc_667a5; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-08-03 90624]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.109\elevation_service.exe [2019-02-13 1271280]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-06 153168]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-05-13 887256]
S3 Intel(R) SUR QC SAM;Intel(R) SUR QC Software Asset Manager; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13 18168]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09 174368]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-09-23 561408]
S3 LENOVO.CAMMUTE;Lenovo AVFramework Camera Privacy Controller; C:\Program Files\Lenovo\Communications Utility\cammute.exe [2015-03-23 456136]
S3 LENOVO.TPKNRSVC;Lenovo AVFramework Microphone Volume Controller and Dolby Interface; C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe [2015-03-23 453576]
S3 LENOVO.TVTVCAM;Lenovo AVFramework Virtual Camera Controller Service; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2015-03-23 625608]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService_667a5;MessagingService_667a5; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2019-02-15 227792]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-11-17 462784]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2018-05-21 2158400]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2019-01-31 259664]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2015-08-08 338416]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc_667a5;PrintWorkflowUserSvc_667a5; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Soubor a.txt
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Soubor a.txt
ahoj,
pouzi navod kolegu https://forum.viry.cz/viewtopic.php?f=1 ... e#p1517620 oba kroky
- pravdepodobne ide o nejaky pozostatok nakupu na alibaba.com
pouzi navod kolegu https://forum.viry.cz/viewtopic.php?f=1 ... e#p1517620 oba kroky
- pravdepodobne ide o nejaky pozostatok nakupu na alibaba.com
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Soubor a.txt
Zeok:
Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by Monika on 26.02.2019 at 10:36:33,66.
Microsoft Windows 10 Home 10.0.17134 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Monika\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
26.02.2019 10:40:13 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\Foxit Software deleted successfully
C:\PROGRA~2\Malwarebytes Anti-Malware deleted successfully
C:\PROGRA~2\New Folder deleted successfully
C:\PROGRA~2\COMMON~1\Merge Modules deleted successfully
C:\Program Files\Common Files\AV deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\Monika\AppData\Roaming\Yvtyizlw7oE3juCv deleted successfully
C:\Users\Monika\AppData\Local\DBG deleted successfully
C:\Users\Monika\AppData\Local\EmieSiteList deleted successfully
C:\Users\Monika\AppData\Local\EmieUserList deleted successfully
C:\Users\Monika\AppData\Local\NetworkTiles deleted successfully
C:\Users\Monika\AppData\Local\TSVNCache deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Packages deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\e0hdmxxq.default\prefs.js:
user_pref("browser.startup.homepage", "https://search.yahoo.com/yhs/web?hspart ... 0713__yaff");
user_pref("browser.newtab.url", "https://search.yahoo.com/yhs/web?hspart ... 0713__yaff");
Added to C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\e0hdmxxq.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\Monika\AppData\Roaming\Thunderbird\Profiles\ejkbweui.default\prefs.js:
Added to C:\Users\Monika\AppData\Roaming\Thunderbird\Profiles\ejkbweui.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\e0hdmxxq.default
user.js not found
---- Lines yahoo removed from prefs.js ----
user_pref("browser.newtabpage.url", "https://search.yahoo.com/yhs/web?hspart ... 80713__yaf
---- Lines searchengine removed from prefs.js ----
user_pref("browser.pageActions.persistedActions", "{\"version\":1,\"ids\":[\"bookmark\",\"bookmarkSeparator\",\"copyURL\",\"emailLink\",\"sendToDevice
---- FireFox user.js and prefs.js backups ----
prefs__1125_.backup
ProfilePath: C:\Users\Monika\AppData\Roaming\Thunderbird\Profiles\ejkbweui.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs__1125_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\Foxit Software not found
C:\PROGRA~2\New Folder not found
C:\Users\Monika\AppData\Roaming\calibre deleted
C:\Users\Monika\AppData\Roaming\discord deleted
C:\Users\Monika\AppData\Roaming\Sublime Text 3 deleted
C:\Users\Monika\AppData\Roaming\Twitch deleted
C:\Users\Monika\AppData\Roaming\Unity deleted
C:\Users\Monika\AppData\Roaming\Visual Studio Setup deleted
C:\PROGRA~3\OneKey Optimizer deleted
C:\WINDOWS\sysWoW64\config\systemprofile\.android deleted
C:\PROGRA~3\Trymedia deleted
C:\Users\Administrator\AppData\Local\AVAST Software deleted
C:\Users\Monika\AppData\Local\BTServer.log deleted
C:\Users\Monika\AppData\Local\Unity deleted
C:\windows\SysNative\Tasks\avast! Windows 10 Start Menu helper deleted
C:\windows\SysNative\Tasks\AvastUpdateTaskMachineCore deleted
C:\windows\SysNative\Tasks\AvastUpdateTaskMachineUA deleted
C:\Users\Monika\AppData\LocalLow\Unity deleted
C:\WINDOWS\SMSS-PFRO2932.tmp deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\e0hdmxxq.default\searchplugins\yahoo-lavasoft-ff59.xml deleted
"C:\Users\Monika\AppData\Local\AVAST Software\APM\MonikaFfl2.dat" not deleted
"C:\Users\Monika\AppData\Local\AVAST Software\APM\Monika\kv_pam.db" not deleted
"C:\PROGRA~3\Package Cache" deleted
"C:\Users\Monika\AppData\Local\AVAST Software" not deleted
"C:\Users\Monika\AppData\Local\AVAST Software\APM" not deleted
"C:\Users\Monika\AppData\Local\AVAST Software\APM\Monika" not deleted
==== Orphaned Tasks deleted from Registry ======================
avast Windows 10 Start Menu helper deleted
AvastUpdateTaskMachineCore deleted
AvastUpdateTaskMachineUA deleted
Lenovo\StartLenovoMessenger deleted
McAfee\McAfee Idle Detection Task deleted
WPD\SqmUpload_S-1-5-21-3780588772-939456869-1824465523-1001 deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\e0hdmxxq.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Monika\AppData\Roaming\Thunderbird\Profiles\ejkbweui.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
ProfilePath: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\e0hdmxxq.default
- __MSG_avastAppShortName__ - %ProfilePath%\extensions\sp@avast.com.xpi
- Avast Online Security - %ProfilePath%\extensions\wrc@avast.com.xpi
ProfilePath: C:\Users\Monika\AppData\Roaming\Thunderbird\Profiles\ejkbweui.default
- Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}
==== Firefox Plugins ======================
Profilepath: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\e0hdmxxq.default
4CCDA227AF8DE758D232B9A0D3E8763E - C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL - Microsoft Office 2016
2C6C5C551AF6ED376960A12CEB5DE3D3 - C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U121
3391BC7B2BDAF9B07564BB4AEF0BC098 - C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.1210.13
449420195220007BD033A90A4765A967 - C:\Users\Monika\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.369\npGatewayNpapi.dll - Skype for Business Web App Plug-in
F99991A677AFEAF23D36C82571052A05 - C:\Users\Monika\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.369\npGatewayNpapi-x64.dll - Skype for Business Web App Plug-in
- C:\Users\Monika\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - [?]
==== Fake Chromium Profiles Check ======================
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted
==== Chromium Look ======================
Google Chrome Version: 72.0.3626.119
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
daanglpcpkjjlkhcbladppjphglbigam - No path found[]
eofcbnmajmjmplflapaojjnihcjkigck - No path found[]
fcoadmpfijfcmokecmkgolhbaeclfage - No path found[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]
Sticky Password extension - Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnfdmghkeppfadphbnkjcicejfepnbfe
Videostream for Google Chromecast™ - Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl
Avast Online Security (BETA) - Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam
Save to Pocket - Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
Chrome Media Router - Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
==== Chromium Fix ======================
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsfreak.com_0.localstorage deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsfreak.com_0.localstorage-journal deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads2.opensubtitles.org_0.localstorage deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads2.opensubtitles.org_0.localstorage-journal deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adserver.adtech.de_0.localstorage deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adserver.adtech.de_0.localstorage-journal deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.user-red.com_0.localstorage deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.user-red.com_0.localstorage-journal deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage-journal deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mystartab.com_0.localstorage deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mystartab.com_0.localstorage-journal deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.mystartabsearch.com_0.localstorage deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.mystartabsearch.com_0.localstorage-journal deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.funsafetabsearch.com_0.localstorage deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.funsafetabsearch.com_0.localstorage-journal deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gomekmidlodglbbmalcneegieacbdmki deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkI ... id=UE01DHP"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6D1FE6EB-F2AF-4DE7-B3A5-085DBF6291B5}"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkI ... id=UE01DHP"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{6D1FE6EB-F2AF-4DE7-B3A5-085DBF6291B5}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{6D1FE6EB-F2AF-4DE7-B3A5-085DBF6291B5} - http://www.bing.com/search?q={searchTer ... TR&pc=LCJB
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{6D1FE6EB-F2AF-4DE7-B3A5-085DBF6291B5}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{6D1FE6EB-F2AF-4DE7-B3A5-085DBF6291B5} - http://www.bing.com/search?q={searchTer ... TR&pc=LCJB
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02
HKCU\SearchScopes\{6D1FE6EB-F2AF-4DE7-B3A5-085DBF6291B5} - No_Url_Value
==== Reset Google Chrome ======================
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Preferences~RFb4427.TMP was reset successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Guest Profile\Preferences was reset successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Guest Profile\Secure Preferences was reset successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\System Profile\Preferences was reset successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\System Profile\Secure Preferences was reset successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Web Data copy was reset successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Guest Profile\Web Data was reset successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Guest Profile\Web Data-journal was reset successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\System Profile\Web Data was reset successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\System Profile\Web Data-journal was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Monika\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Monika\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Monika\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Monika\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Monika\AppData\Local\Mozilla\Firefox\Profiles\e0hdmxxq.default\cache2 emptied successfully
==== Empty Edge Cache ======================
Edge Cache Emptied Successfully
==== Empty Chrome Cache ======================
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Guest Profile\Cache emptied successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\System Profile\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
==== Empty Temp Folders ======================
C:\Users\Administrator\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Monika\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\Monika\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Monika\AppData\Local\AVAST Software\APM\MonikaFfl2.dat" not found
"C:\Users\Monika\AppData\Local\AVAST Software\APM\Monika\kv_pam.db" not found
"C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found
"C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted
"C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted
"C:\Users\Monika\AppData\Local\AVAST Software" not found
==== EOF on 26.02.2019 at 11:50:19,05 ======================
Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by Monika on 26.02.2019 at 10:36:33,66.
Microsoft Windows 10 Home 10.0.17134 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Monika\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
26.02.2019 10:40:13 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\Foxit Software deleted successfully
C:\PROGRA~2\Malwarebytes Anti-Malware deleted successfully
C:\PROGRA~2\New Folder deleted successfully
C:\PROGRA~2\COMMON~1\Merge Modules deleted successfully
C:\Program Files\Common Files\AV deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\Monika\AppData\Roaming\Yvtyizlw7oE3juCv deleted successfully
C:\Users\Monika\AppData\Local\DBG deleted successfully
C:\Users\Monika\AppData\Local\EmieSiteList deleted successfully
C:\Users\Monika\AppData\Local\EmieUserList deleted successfully
C:\Users\Monika\AppData\Local\NetworkTiles deleted successfully
C:\Users\Monika\AppData\Local\TSVNCache deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Packages deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\e0hdmxxq.default\prefs.js:
user_pref("browser.startup.homepage", "https://search.yahoo.com/yhs/web?hspart ... 0713__yaff");
user_pref("browser.newtab.url", "https://search.yahoo.com/yhs/web?hspart ... 0713__yaff");
Added to C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\e0hdmxxq.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\Monika\AppData\Roaming\Thunderbird\Profiles\ejkbweui.default\prefs.js:
Added to C:\Users\Monika\AppData\Roaming\Thunderbird\Profiles\ejkbweui.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\e0hdmxxq.default
user.js not found
---- Lines yahoo removed from prefs.js ----
user_pref("browser.newtabpage.url", "https://search.yahoo.com/yhs/web?hspart ... 80713__yaf
---- Lines searchengine removed from prefs.js ----
user_pref("browser.pageActions.persistedActions", "{\"version\":1,\"ids\":[\"bookmark\",\"bookmarkSeparator\",\"copyURL\",\"emailLink\",\"sendToDevice
---- FireFox user.js and prefs.js backups ----
prefs__1125_.backup
ProfilePath: C:\Users\Monika\AppData\Roaming\Thunderbird\Profiles\ejkbweui.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs__1125_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\Foxit Software not found
C:\PROGRA~2\New Folder not found
C:\Users\Monika\AppData\Roaming\calibre deleted
C:\Users\Monika\AppData\Roaming\discord deleted
C:\Users\Monika\AppData\Roaming\Sublime Text 3 deleted
C:\Users\Monika\AppData\Roaming\Twitch deleted
C:\Users\Monika\AppData\Roaming\Unity deleted
C:\Users\Monika\AppData\Roaming\Visual Studio Setup deleted
C:\PROGRA~3\OneKey Optimizer deleted
C:\WINDOWS\sysWoW64\config\systemprofile\.android deleted
C:\PROGRA~3\Trymedia deleted
C:\Users\Administrator\AppData\Local\AVAST Software deleted
C:\Users\Monika\AppData\Local\BTServer.log deleted
C:\Users\Monika\AppData\Local\Unity deleted
C:\windows\SysNative\Tasks\avast! Windows 10 Start Menu helper deleted
C:\windows\SysNative\Tasks\AvastUpdateTaskMachineCore deleted
C:\windows\SysNative\Tasks\AvastUpdateTaskMachineUA deleted
C:\Users\Monika\AppData\LocalLow\Unity deleted
C:\WINDOWS\SMSS-PFRO2932.tmp deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\e0hdmxxq.default\searchplugins\yahoo-lavasoft-ff59.xml deleted
"C:\Users\Monika\AppData\Local\AVAST Software\APM\MonikaFfl2.dat" not deleted
"C:\Users\Monika\AppData\Local\AVAST Software\APM\Monika\kv_pam.db" not deleted
"C:\PROGRA~3\Package Cache" deleted
"C:\Users\Monika\AppData\Local\AVAST Software" not deleted
"C:\Users\Monika\AppData\Local\AVAST Software\APM" not deleted
"C:\Users\Monika\AppData\Local\AVAST Software\APM\Monika" not deleted
==== Orphaned Tasks deleted from Registry ======================
avast Windows 10 Start Menu helper deleted
AvastUpdateTaskMachineCore deleted
AvastUpdateTaskMachineUA deleted
Lenovo\StartLenovoMessenger deleted
McAfee\McAfee Idle Detection Task deleted
WPD\SqmUpload_S-1-5-21-3780588772-939456869-1824465523-1001 deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\e0hdmxxq.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Monika\AppData\Roaming\Thunderbird\Profiles\ejkbweui.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
ProfilePath: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\e0hdmxxq.default
- __MSG_avastAppShortName__ - %ProfilePath%\extensions\sp@avast.com.xpi
- Avast Online Security - %ProfilePath%\extensions\wrc@avast.com.xpi
ProfilePath: C:\Users\Monika\AppData\Roaming\Thunderbird\Profiles\ejkbweui.default
- Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}
==== Firefox Plugins ======================
Profilepath: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\e0hdmxxq.default
4CCDA227AF8DE758D232B9A0D3E8763E - C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL - Microsoft Office 2016
2C6C5C551AF6ED376960A12CEB5DE3D3 - C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U121
3391BC7B2BDAF9B07564BB4AEF0BC098 - C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.1210.13
449420195220007BD033A90A4765A967 - C:\Users\Monika\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.369\npGatewayNpapi.dll - Skype for Business Web App Plug-in
F99991A677AFEAF23D36C82571052A05 - C:\Users\Monika\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.369\npGatewayNpapi-x64.dll - Skype for Business Web App Plug-in
- C:\Users\Monika\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - [?]
==== Fake Chromium Profiles Check ======================
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted
==== Chromium Look ======================
Google Chrome Version: 72.0.3626.119
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
daanglpcpkjjlkhcbladppjphglbigam - No path found[]
eofcbnmajmjmplflapaojjnihcjkigck - No path found[]
fcoadmpfijfcmokecmkgolhbaeclfage - No path found[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]
Sticky Password extension - Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnfdmghkeppfadphbnkjcicejfepnbfe
Videostream for Google Chromecast™ - Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl
Avast Online Security (BETA) - Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam
Save to Pocket - Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
Chrome Media Router - Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
==== Chromium Fix ======================
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsfreak.com_0.localstorage deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsfreak.com_0.localstorage-journal deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads2.opensubtitles.org_0.localstorage deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads2.opensubtitles.org_0.localstorage-journal deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adserver.adtech.de_0.localstorage deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adserver.adtech.de_0.localstorage-journal deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.user-red.com_0.localstorage deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.user-red.com_0.localstorage-journal deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage-journal deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mystartab.com_0.localstorage deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mystartab.com_0.localstorage-journal deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.mystartabsearch.com_0.localstorage deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.mystartabsearch.com_0.localstorage-journal deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.funsafetabsearch.com_0.localstorage deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.funsafetabsearch.com_0.localstorage-journal deleted successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gomekmidlodglbbmalcneegieacbdmki deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkI ... id=UE01DHP"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6D1FE6EB-F2AF-4DE7-B3A5-085DBF6291B5}"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkI ... id=UE01DHP"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{6D1FE6EB-F2AF-4DE7-B3A5-085DBF6291B5}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{6D1FE6EB-F2AF-4DE7-B3A5-085DBF6291B5} - http://www.bing.com/search?q={searchTer ... TR&pc=LCJB
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{6D1FE6EB-F2AF-4DE7-B3A5-085DBF6291B5}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{6D1FE6EB-F2AF-4DE7-B3A5-085DBF6291B5} - http://www.bing.com/search?q={searchTer ... TR&pc=LCJB
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02
HKCU\SearchScopes\{6D1FE6EB-F2AF-4DE7-B3A5-085DBF6291B5} - No_Url_Value
==== Reset Google Chrome ======================
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Preferences~RFb4427.TMP was reset successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Guest Profile\Preferences was reset successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Guest Profile\Secure Preferences was reset successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\System Profile\Preferences was reset successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\System Profile\Secure Preferences was reset successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Web Data copy was reset successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Guest Profile\Web Data was reset successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Guest Profile\Web Data-journal was reset successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\System Profile\Web Data was reset successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\System Profile\Web Data-journal was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Monika\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Monika\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Monika\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Monika\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Monika\AppData\Local\Mozilla\Firefox\Profiles\e0hdmxxq.default\cache2 emptied successfully
==== Empty Edge Cache ======================
Edge Cache Emptied Successfully
==== Empty Chrome Cache ======================
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Guest Profile\Cache emptied successfully
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\System Profile\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
==== Empty Temp Folders ======================
C:\Users\Administrator\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Monika\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\Monika\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Monika\AppData\Local\AVAST Software\APM\MonikaFfl2.dat" not found
"C:\Users\Monika\AppData\Local\AVAST Software\APM\Monika\kv_pam.db" not found
"C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found
"C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted
"C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted
"C:\Users\Monika\AppData\Local\AVAST Software" not found
==== EOF on 26.02.2019 at 11:50:19,05 ======================
Re: Soubor a.txt
Junkware:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by Monika (Administrator) on 26.02.2019 at 12:01:13,53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 1
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6D1FE6EB-F2AF-4DE7-B3A5-085DBF6291B5} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.02.2019 at 12:05:28,79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by Monika (Administrator) on 26.02.2019 at 12:01:13,53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 1
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6D1FE6EB-F2AF-4DE7-B3A5-085DBF6291B5} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.02.2019 at 12:05:28,79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: Soubor a.txt
aky je stav 
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Soubor a.txt
Po vymazání souboru a.txt a následném restartu se soubor v počítači znovu objeví.
Re: Soubor a.txt
vycisti registre s CCleanerom a napis stav
+
obsah suboru je stale rovnaky ?
+
obsah suboru je stale rovnaky ?
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Soubor a.txt
Pomocí CCleaneru 5.53 jsem vyčistila registry a provedla "Quick Clean". Stav stále stejný, soubor a.txt se ve složce zobrazuje, po vymazání a restartu počítače se znovu objeví. Obsah souboru je stále stejný.
Re: Soubor a.txt
Zmaz obsah suboru napr. v notepade, uloz ho, potom pravym tlacitkom klikni
na subor, vlatnosti a daj len na citanie. Restart PC a pozri, ci zmeni obsah.
na subor, vlatnosti a daj len na citanie. Restart PC a pozri, ci zmeni obsah.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Soubor a.txt
Obsah se po restartu nezměnil (tzn. soubor zůstal prázdný).
Re: Soubor a.txt
v klude prescanuj PC s Avptool
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Soubor a.txt
Po proskenování počítače (označeny všechny checkboxy v "Object to scan") byla nalezena jen jedna hrozba, kterou jsem vymazala. Problém však stále přetrvává.
Re: Soubor a.txt
nejak sa tym netrap, prazdny subor daj read only
ani povodny subor nepredstavuje realne nebezpecenstvo
+
preventivne mozes vlozit additional log z FRST
ani povodny subor nepredstavuje realne nebezpecenstvo
+
preventivne mozes vlozit additional log z FRST
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Soubor a.txt
FRST additional log:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.03.2019
Ran by Monika (02-03-2019 12:32:04)
Running from C:\Users\Monika\Desktop
Windows 10 Home Version 1803 17134.590 (X64) (2018-07-08 15:26:31)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3780588772-939456869-1824465523-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3780588772-939456869-1824465523-503 - Limited - Disabled)
Guest (S-1-5-21-3780588772-939456869-1824465523-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3780588772-939456869-1824465523-1003 - Limited - Enabled)
Monika (S-1-5-21-3780588772-939456869-1824465523-1001 - Administrator - Enabled) => C:\Users\Monika
WDAGUtilityAccount (S-1-5-21-3780588772-939456869-1824465523-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . (HKLM\...\{E24348A6-82E6-4FC7-BE14-189265418B30}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{0F58DF31-E2D8-45BE-AD43-D31D8707ACA1}) (Version: 3.7.0.8 - Intel) Hidden
µTorrent (HKU\S-1-5-21-3780588772-939456869-1824465523-1001\...\uTorrent) (Version: 3.5.5.44954 - BitTorrent Inc.)
Active Directory Authentication Library for SQL Server (HKLM\...\{52D1FCFD-1052-4D75-B3FB-9906901AFD98}) (Version: 13.1.4001.0 - Microsoft Corporation) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.13.0.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.13.0.21 - NVIDIA Corporation) Hidden
Anno 1602 (HKLM-x32\...\Uplay Install 2990) (Version: - Ubisoft)
Anno 1602 Compatibility fix (HKLM\...\{b7082f5b-b3cc-44ac-a030-69ef3e35225d}.sdb) (Version: - )
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 375.70 - NVIDIA Corporation) Hidden
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{981F324E-98F4-4784-B76F-04E92039F3F6}) (Version: 5.2.60328.3 - Microsoft Corporation)
Application Verifier x64 External Package (HKLM\...\{D9908CED-5ABB-FEE9-FC84-743F4D38637C}) (Version: 10.1.16299.15 - Microsoft) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 71.0.1037.98 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Azure AD Authentication Connected Service (HKLM-x32\...\{3FEAC561-1CF6-41D6-B0F3-BECDD9C88A1B}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Black & White® 2 (HKLM-x32\...\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}) (Version: 1.00.0000 - Lionhead Studios)
Black & White® 2 Battle of the Gods (HKLM-x32\...\{10631C28-62E5-477C-9B40-40C5EA8219BE}) (Version: 1.00.0000 - Lionhead Studios)
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\Blender) (Version: 2.70a - Blender Foundation)
Bug Shooting 2 (HKLM\...\Bug Shooting 2) (Version: 2.15.3.796 - Alexej Hirsch)
calibre (HKLM-x32\...\{55763553-9485-4117-88D9-46237F7A5F08}) (Version: 3.36.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.53 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.3.05017 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{0BEF117F-BEBD-4948-AF22-210D14736BEC}) (Version: 4.3.05017 - Cisco Systems, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{D1844DC3-B378-47CC-AB40-7FC16C79A2CD}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.32.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM-x32\...\{1D2682EA-75DD-44B6-BF2D-CD3C49EAD012}) (Version: 1.6.38.01 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{3117B53D-A409-4D99-A0DE-11A1A40696FA}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4ABFEC28-1554-493D-A84D-BEA21D8E6D6F}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{503B47A9-E34A-4841-ADD7-417191D5DB5E}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5B2190E9-199D-450A-94B3-4D6826C770C2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5BEFE1E1-F597-4B79-913B-15FFDB25B744}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{63DE35C9-B080-4D03-B110-99E14FD35BCE}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{E966DBE4-5075-465E-BA81-BC9A3A3204B3}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
DiagnosticsHub_CollectionService (HKLM\...\{A5DD0731-C724-4037-B35B-B80782AACE00}) (Version: 15.0.27128 - Microsoft Corporation) Hidden
Discord (HKU\S-1-5-21-3780588772-939456869-1824465523-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
Dotfuscator and Analytics Community Edition 5.19.1 (HKLM-x32\...\{2A7F99F6-88A4-4B44-B350-41C0B147A39C}) (Version: 5.19.1.3091 - PreEmptive Solutions) Hidden
Enterprise Architect (HKLM-x32\...\{9BEB85A4-D6C9-4978-AA55-AEE08FBD1A54}) (Version: 13.5.1351.25 - Sparx Systems)
Epubor Ultimate (HKLM-x32\...\Epubor Ultimate) (Version: 3.0.10.1225 - Epubor Inc.)
FBReader for Windows (HKLM-x32\...\FBReader for Windows) (Version: - )
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.2.0 - Genesys Logic)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.119 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HP ALM Microsoft Excel Add-in (HKLM-x32\...\{AFA5B66F-C0B3-4E55-A883-B4E92D08E4B7}) (Version: 12.53.94.0 - Hewlett-Packard)
icecap_collection_neutral (HKLM-x32\...\{9149432D-3BEE-4869-B6F5-7A5CF843A612}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{D0C9796E-CB35-4440-885D-9630A0153D1E}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{B96B62E4-2EE4-45EC-8082-246FFC1B12E3}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{DFEE2505-3414-4C9E-BD69-90028AB9EAAF}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{262EE643-72FF-406D-9776-C6B65443DA5B}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{AADC83BE-DF94-40A8-AF7E-D907489AE155}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{883ED9A8-3762-481E-A362-3A7BE5CBEB15}) (Version: 10.0.1740 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{93FE134F-7678-4D90-A849-6FF6EB28CCDF}) (Version: 2.4.04289 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{f5d71765-7cd1-4e68-998f-5b379e725da3}) (Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5058 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.5.0.1056 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{84A2B59B-6A7B-4C01-8592-15C9BFE6AC36}) (Version: 2.4.3 - Intel Corporation)
Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.0.0.15 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{47C73491-A750-4865-B68D-588CD2955036}) (Version: 19.40.1702.1091 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{e03c7229-07fa-483d-a64f-55e545a2e21d}) (Version: 3.7.0.8 - Intel)
IntelliTraceProfilerProxy (HKLM-x32\...\{0A2EDF2C-9A71-43D7-964A-696BB7CEAC65}) (Version: 15.0.25.0 - Microsoft Corporation) Hidden
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java SE Development Kit 8 Update 111 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180111}) (Version: 8.0.1110.14 - Oracle Corporation)
Kits Configuration Installer (HKLM-x32\...\{86E59C8F-61D5-1782-A3CE-60AE7E4D7791}) (Version: 10.1.16299.15 - Microsoft) Hidden
Lenovo App Services (HKLM\...\Lenovo App Services) (Version: 0.200.8.268 - Lenovo)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.38.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10285 - Realtek Semiconductor Corp.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Motion Control (HKLM-x32\...\{D3F38500-4C99-4E4F-9786-B907224E13A1}) (Version: 2.6.0.0528 - PointGrab) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{D3F38500-4C99-4E4F-9786-B907224E13A1}) (Version: 2.6.0.0528 - PointGrab)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo Patch Utility (HKLM-x32\...\{E8F27ADF-B1ED-41AF-A7EF-D5E71778480C}) (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (HKLM\...\{49A09C2C-FFF4-478E-B397-5E0979F67F5D}) (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 2.0.0.19 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 2.0.0.19 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.5.2624.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.5.2624.01 - CyberLink Corp.)
Lenovo Service Bridge (HKU\S-1-5-21-3780588772-939456869-1824465523-1001\...\dda9ca0b023f4c56) (Version: 1.6.6.0 - Lenovo)
Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.3.24.256 - Lenovo Corporation)
Lenovo Settings (HKLM\...\{D14CCBF5-1A3A-4C08-955B-BE6D519835C4}_is1) (Version: 2.0.0.5 - Lenovo)
Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 2.3.3.33 - Lenovo Group Limited)
Lenovo Settings Service (HKLM\...\{8C6F1EBA-17F1-4481-B688-9777E63E985F}_is1) (Version: 2.3.0.21 - Lenovo Group Limited)
Lenovo Settings UMDF driver (HKLM\...\{2BDC7413-65EA-4B99-8C4B-02F11075BE6D}_is1) (Version: 1.2.0.7 - Lenovo Group Limited)
Lenovo Settings WiFi (HKLM\...\{86045A6C-C156-4349-A3E2-47A88A42F5C2}_is1) (Version: 2.0.0.4 - Lenovo)
Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.1.14.1221 - Lenovo)
LenovoUtility (HKLM-x32\...\{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 2.0.0.3 - Lenovo) Hidden
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 2.0.0.3 - Lenovo)
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft .NET Core SDK - 2.1.4 (x64) (HKLM-x32\...\{9e732e8f-9e57-467d-a425-6f2387bdabd0}) (Version: 2.1.4 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (čeština) (HKLM-x32\...\{E249803A-BD5B-4FDC-A630-976C2971F5B4}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (čeština) (HKLM-x32\...\{25C7677B-0398-46A3-A0EE-7B393D20FA30}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Azure Authoring Tools - v2.9.5.3 (HKLM\...\{086C537B-DE1A-4A11-8441-6AAF076174B8}) (Version: 2.9.8699.20 - Microsoft Corporation)
Microsoft Azure Libraries for .NET – v2.9 (HKLM\...\{C5C91AA6-3E83-430E-8B7A-6B790083F28D}) (Version: 3.0.0127.060 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25123 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.10730.20280 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3780588772-939456869-1824465523-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{1385D3DB-8E80-427B-91D2-B7535862B8E4}) (Version: 11.3.6518.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{9097BF1A-13A0-4A4A-A1F8-473E2A669863}) (Version: 13.1.4001.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2017 CTP2.1 (HKLM\...\{9BAD8F82-A221-42CE-AFF0-7CAB825790C9}) (Version: 14.0.600.250 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2017 CTP2.1 (HKLM-x32\...\{F0DD1AA8-44D7-4ACE-AF65-7378EA5D884C}) (Version: 14.0.600.250 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Update 2 (HKLM-x32\...\{04fa3a35-1f49-4510-8051-819cdc1e6e01}) (Version: 14.0.25123.0 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.14.167.122 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{65C71B09-C33D-4F60-93EA-DF3AD1D40600}) (Version: 10.0.1981 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MiKTeX 2.9 (HKU\S-1-5-21-3780588772-939456869-1824465523-1001\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mobipocket Reader 6.2 (HKLM-x32\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
Mozilla Firefox 64.0 (x64 cs) (HKLM\...\Mozilla Firefox 64.0 (x64 cs)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 64.0.0.6914 - Mozilla)
Mozilla Thunderbird 52.9.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 52.9.1 (x86 cs)) (Version: 52.9.1 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (HKLM-x32\...\{13FE8B50-B340-4FDA-BB6E-AA1F5FAB8205}) (Version: 14.0.25123 - Microsoft Corporation) Hidden
MSI Development Tools (HKLM-x32\...\{973CACA2-E018-065B-0580-F2784802E299}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20280 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20280 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.10730.20280 - Microsoft Corporation) Hidden
OneKey Optimizer (HKLM-x32\...\{D5D573DC-D989-4769-9B56-D6A7EA503D7F}) (Version: 1.3.0.7 - Lenovo) Hidden
OneKey Optimizer (HKLM-x32\...\InstallShield_{D5D573DC-D989-4769-9B56-D6A7EA503D7F}) (Version: 1.3.0.7 - Lenovo)
Oracle VM VirtualBox 5.2.8 (HKLM\...\{A7F49FA5-9FCA-4936-8652-CD00206D9300}) (Version: 5.2.8 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.18.58059 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.54 - NVIDIA Corporation) Hidden
pgAdmin 4 version 1.1 (HKLM-x32\...\pgAdmin 4v1_is1) (Version: 1.1 - The pgAdmin Development Team)
pgAdmin 4 version 4.1 (HKLM-x32\...\pgAdmin 4v4_is1) (Version: 4.1 - The pgAdmin Development Team)
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.0.2700 - Jan Fiala)
PuTTY release 0.66 (HKLM-x32\...\PuTTY_is1) (Version: 0.66 - Simon Tatham)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.769.769.091213 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.35.716.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7443 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.20.243 - REALTEK Semiconductor Corp.)
RogueKiller version 13.1.6.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.1.6.0 - Adlice Software)
Roslyn Language Services - x86 (HKLM-x32\...\{263EF873-F5D0-3134-A962-356C21A3510F}) (Version: 14.0.25126 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
SDK ARM Additions (HKLM-x32\...\{7922BB77-0B59-840A-AC80-D560A34D75C5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{C87DF65C-A672-7E08-A083-E7D48FE8DB70}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.8.0 - Lenovo Group Limited)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0340 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
Sims 4 Studio (HKLM-x32\...\{870AA913-0774-4ED0-B144-BC2C0CBE4BA0}_is1) (Version: 3.0.1.9 - Sims 4 Studio)
Skype for Business Web App Plug-in (HKLM-x32\...\{5EEFC600-CE9E-4DCE-862A-E7D4A9C7B568}) (Version: 15.8.20020.369 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
SoapUI 5.3.0 5.3.0 (HKLM\...\5517-2803-0637-4585) (Version: 5.3.0 - SmartBear Software)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sticky Password 8.2.1.228 (HKLM-x32\...\Sticky Password_is1) (Version: 8.2 - Lamantine Software)
Sublime Text Build 3143 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Sybase PowerDesigner 16.5 (HKLM-x32\...\{AB1E6446-8D82-45B4-B409-4034D6A446DC}) (Version: 16.5.3982 - SAP)
Team Explorer for Microsoft Visual Studio 2015 Update 2 (HKLM-x32\...\{7932CD6F-86D3-3EE4-8A02-B954404D1FFC}) (Version: 14.95.25118 - Microsoft) Hidden
Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Texmaker (HKLM-x32\...\Texmaker) (Version: - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.42.30.1020 - Electronic Arts Inc.)
TortoiseSVN 1.9.7.27907 (64 bit) (HKLM\...\{FBD345DC-093A-4D89-A9B8-10C1BA356048}) (Version: 1.9.27907 - TortoiseSVN)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51 - Ghisler Software GmbH)
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
TreeSize Free V4.2.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.2.2 - JAM Software)
Twitch (HKU\S-1-5-21-3780588772-939456869-1824465523-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
TypeScript Power Tool (HKLM-x32\...\{60890089-588B-4362-B9C5-A9C11D6E5DD1}) (Version: 1.8.9.0 - Microsoft Corporation) Hidden
TypeScript SDK (HKLM-x32\...\{B08D05BC-7897-4616-B34C-95B58D07650C}) (Version: 2.5.4.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{DD51688B-194A-4A10-83D8-40AD1D9954A1}) (Version: 1.8.30.0 - Microsoft Corporation) Hidden
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.3.6 - Lenovo)
Universal CRT Extension SDK (HKLM-x32\...\{1FBCBC17-4527-2340-0832-B1D49C41FF67}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{A5FA2886-1925-133F-0D41-B9A8ECEA0A2D}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{8BFBEC30-33CC-13B4-849F-3B036F27466A}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{B739B4C5-EEEC-8E70-0276-38C4779AF398}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{A9D6F52C-694E-3E41-7AB8-5BEB644742A5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{E053089E-7953-3219-814F-F485FC151C54}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{B9424F08-0617-C4F6-A798-5A9250C1A738}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{D261CEA1-AB8D-9CFA-4407-BCEFC78661AC}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
vcpp_crt.redist.clickonce (HKLM-x32\...\{0074562E-F896-4994-9086-79F8BC8DE02C}) (Version: 14.12.25830 - Microsoft Corporation) Hidden
vcpp_crt.redist.clickonce (HKLM-x32\...\{DD7D028C-ACE5-43F9-947A-9F24DED8B64A}) (Version: 14.12.25830 - Microsoft Corporation) Hidden
Visual Studio 2015 Update 2 (KB3022398) (HKLM-x32\...\{78c1b501-a6eb-4f29-88c5-84189564827e}) (Version: 14.0.25123 - Microsoft Corporation)
Visual Studio Community 2017 (HKLM\...\7d9db401) (Version: 15.5.27130.2036 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
VS Immersive Activate Helper (HKLM-x32\...\{8A2BDA07-3417-46C1-9058-CB32BC63E30E}) (Version: 16.0.76.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{0EE5749D-2DC0-460F-AB1C-06B3EDB42426}) (Version: 16.0.76.0 - Microsoft Corporation) Hidden
VS Update core components (HKLM-x32\...\{6A878817-D626-305A-BE8D-94C93F70E27A}) (Version: 14.0.25123 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{18640789-304F-40B5-884B-130B4A97D83B}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{A68D7884-F036-4A0D-AE1A-410E0311E135}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{91DDDFB5-1782-48C2-BA2A-8F4D9DE39D27}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{6A1ECF65-2CBF-4B33-9D4A-D1C0A0E5FE45}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{595F5D63-8773-4182-A1E0-EC9ECF4B6EA4}) (Version: 15.0.27102 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{226CCDB6-96F9-4DE6-9CCC-DB49D0A0A971}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{9414C260-D479-49EB-B0BF-01C1F5076EA0}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{A57BD1C0-42AD-42F8-AFEB-FAC7E6ABB005}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{70F69B4F-7950-4841-8139-5D0C7EDD2FE6}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{231C8ADB-BF59-458E-A909-CFA825F46388}) (Version: 15.0.27102 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{9CDD69A2-765A-4970-AB6B-595A740C614F}) (Version: 15.0.27019 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{B8B65A93-F72B-42C2-AE1A-FF440B44BB67}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{5779B6DD-604A-41CE-BC3D-9D4BDDA22AD2}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WinAppDeploy (HKLM-x32\...\{9690D51C-4435-1C20-7819-66CCAB0F03F9}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Windows SDK AddOn (HKLM-x32\...\{350F0ECD-0783-4529-8797-98F0AD33EAC0}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.16299.15 (HKLM-x32\...\{6195c203-b53c-4bb7-983a-6070a902e704}) (Version: 10.1.16299.15 - Microsoft Corporation)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{385A1387-A488-9E90-3635-086129610034}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{D7DD3171-DA58-52A1-95B2-4769640855AF}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7336279F-8F8F-5530-A543-3BE963846C0A}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E414A474-0A87-4F66-C409-A4D9857CFD34}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{CE760B86-975B-F514-5673-0ED4332B801B}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{5E67F8BE-D8D2-257F-CE19-419A2D5125C7}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{A2AA063E-AF50-A1F5-8925-A06EB1556644}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{7D4C7F4A-02A9-E434-6451-C8787DF28C1F}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{BC467065-9374-5345-DA3F-FCF073304A25}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinSCP 5.7.6 (HKLM-x32\...\winscp3_is1) (Version: 5.7.6 - Martin Prikryl)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Beta (HKLM-x32\...\World of Warcraft Beta) (Version: - Blizzard Entertainment)
XAMPP (HKLM-x32\...\xampp) (Version: 7.2.2-0 - Bitnami)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3780588772-939456869-1824465523-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-3780588772-939456869-1824465523-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-3780588772-939456869-1824465523-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2013-09-12] (Realtek Semiconductor Corporation) [File not signed]
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-08-13] (Lenovo) [File not signed]
ContextMenuHandlers1: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2017-08-08] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ContextMenuHandlers2: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2017-08-08] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-08-13] (Lenovo) [File not signed]
ContextMenuHandlers4: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2017-08-08] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2017-08-08] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2017-08-08] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ContextMenuHandlers1_S-1-5-21-3780588772-939456869-1824465523-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0448A738-DBBD-4050-8F1A-C9013EE81BF8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {0F600C9E-6507-4FB9-A13A-B8C87B60981D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe (Intel® Services Manager -> )
Task: {0FF88B90-E194-47A2-9006-5E36468046AA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe (Intel® Services Manager -> )
Task: {117A4048-001A-42A8-B171-323442694DB9} - System32\Tasks\UMonitor Task => C:\windows\SysWOW64\UMonit64.exe () [File not signed]
Task: {143AC5E8-2145-4FD2-B945-DA618541DC87} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {17AA0111-E234-40B7-8FAB-8D4791461A8C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1EB3F042-21F7-467C-B093-FF50ADF57270} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {234E8EA2-285D-46B0-8A28-BEC045090142} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {24BCE4AD-A59B-4C45-B9D8-1B78ECD1C4DA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {25BF7B03-F0A3-4941-978F-073760452952} - System32\Tasks\{2E9BF2B5-845C-43F3-B4C8-7670F20CCF47} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Monika\Documents\HRY\Warcraft 3 + Frozen Throne CZ Full Patched 1.26\Warcraft III\Warcraft III.exe" -d "C:\Users\Monika\Documents\HRY\Warcraft 3 + Frozen Throne CZ Full Patched 1.26\Warcraft III"
Task: {26E5541D-9A0A-498F-8F42-D10B89DCBA97} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {2FA03E45-D29F-468F-A798-34D1201C440B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {344A233A-EF42-46B8-9719-1AEA04FF3644} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {42127AB3-9DD0-44B2-BCF4-8F74D1A93934} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {43206D28-C084-4C76-8F98-BEB2C9C124BC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {44452C1F-5AD9-4252-982E-ED6C76B34F88} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4537C048-27E9-4622-969E-102A90A26D70} - System32\Tasks\{CAC16486-7B2D-4BD1-9199-B4A702974DE4} => C:\WINDOWS\system32\pcalua.exe -a "C:\ExcaliburWoW Burning Crusade 2.4.3 - With Basic AddOns\Wow.exe" -d "C:\ExcaliburWoW Burning Crusade 2.4.3 - With Basic AddOns"
Task: {497D3D2A-9B6E-4824-8504-4431DFC72358} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\osfinstaller.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {4E47886D-61B7-45BF-BA2E-3488B813BCC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {6880719A-1060-4A8D-B354-E0CF82FBA389} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {6EBC3E40-08F4-447E-8B51-B1F559FBBA56} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7196B7E1-F6F3-420A-BF2A-BD1B3CF5E3CD} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {719D3BB9-6ED1-4DCF-9812-278006E60F39} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {75435B78-C991-478C-85A3-56D4022BA5C9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe (LENOVO -> Lenovo)
Task: {83F48B47-6D2C-4FE7-BEC5-EDBC4376A94D} - System32\Tasks\{4E15EF07-A626-41B1-9DF6-13C8E27DBADF} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Lionhead Studios\Black & White 2\white.exe" -d "C:\Program Files (x86)\Lionhead Studios\Black & White 2"
Task: {886273C3-14FA-44F6-9B00-A6D066764011} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {88EE99A4-0256-4386-8B83-C01BCAF3525A} - \avast! Windows 10 Start Menu helper -> No File <==== ATTENTION
Task: {8F5102DC-63B6-4A98-A53D-151A11AB8B18} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {90CDDBE7-6FE3-40D0-8690-1E63DA910933} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {977FDD96-AC3F-4C9E-B520-08A60027B8D5} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3780588772-939456869-1824465523-1001 => "C:\WINDOWS\system32\rundll32.exe" dfshim.dll,ShOpenVerbShortcut C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {9911358F-8E0C-4110-9071-BE8E64E9E36D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {A262B025-5C0D-4278-9F31-4F180AF43FD1} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {A4B51257-0D32-44F7-8954-35A5053CC5DD} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A6B4C09F-B68C-4861-B3FB-0FE2BDDE1631} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {ACFBD40B-7927-485A-9E12-91EFB6734B9F} - System32\Tasks\RogueKiller Anti-Malware => C:\Program Files\RogueKiller\RogueKiller64.exe (Adlice -> )
Task: {B26E290F-DD81-4EDF-A981-930F02729212} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {B43EDB2F-4913-449A-A18D-BC5DCB392E07} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B8AEDE4D-178B-4B6E-999D-106655530700} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {BA45A15E-7CA5-410B-BBE4-3A76AD393BCA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CEC691D7-0B13-4EF8-9BE7-6C4B1526580E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D2C64D8F-636D-4B09-952B-BE1E09FE2251} - System32\Tasks\SafeZone scheduled Autoupdate 1456343663 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {DE0D814B-0724-40E3-95E2-B813FBDD44D1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {DE8991A7-28AF-4D9D-B16B-1BC235E7A80B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {F779B1FD-2594-4747-B61A-3B47A442B6F0} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe (LENOVO -> )
Task: {FB92EB50-55A7-4CA1-B179-B0EF28E8D44E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe (LENOVO -> Lenovo)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Monika\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b8da4a38624bbb1e\Feedback.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gfdkimpbcpahaombhbimeihdjnejgicl
==================== Loaded Modules (Whitelisted) ==============
2017-03-04 14:28 - 2013-09-10 17:19 - 000056832 _____ () [File not signed] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2017-03-04 14:28 - 2013-09-04 16:04 - 000280576 _____ (Realtek Semiconductor Corporation) [File not signed] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe
2017-03-04 14:28 - 2011-11-11 17:42 - 000032768 _____ (Realtek Semiconductor Corporation) [File not signed] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\Dun.dll
2017-03-04 14:28 - 2013-09-04 16:36 - 000705536 _____ (Realtek Semiconductor Corporation) [File not signed] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\obexpf.dll
2017-03-04 14:28 - 2013-07-17 19:39 - 000437760 _____ (Realtek Semiconductor Corporation) [File not signed] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DllMonoCtrl.dll
2017-03-04 14:28 - 2013-06-14 09:55 - 000290304 _____ (Realtek Semiconductor Corporation) [File not signed] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\StereoControl.dll
2017-03-04 14:28 - 2013-07-17 19:39 - 000025600 _____ (Realtek Semiconductor Corporation) [File not signed] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\VendorCmdExport.dll
2017-03-04 14:28 - 2013-07-17 19:39 - 000024576 _____ (Realtek Semiconductor Corporation) [File not signed] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpIo64.dll
2017-03-04 14:28 - 2013-03-01 16:17 - 000045568 _____ (Realtek Semiconductor Corporation) [File not signed] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\rtsocket.dll
2016-12-05 00:50 - 2016-12-05 00:55 - 003012608 _____ () [File not signed] C:\Program Files\Bug Shooting 2\BugShooting2.exe
2016-09-04 09:46 - 2016-09-04 09:46 - 000000000 ____LMicrosoft Corporation C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2016-09-04 09:46 - 2016-09-04 09:46 - 000000000 ____LMicrosoft Corporation C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2019-02-18 14:35 - 2019-02-18 14:35 - 002795008 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\65ec576a619e53431d30d1d69762310d\Newtonsoft.Json.ni.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 001623040 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe
2017-09-28 18:41 - 2017-09-28 18:41 - 000266240 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
2018-05-21 17:41 - 2018-05-21 17:41 - 001177600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2018-05-21 17:41 - 2018-05-21 17:41 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2018-05-21 17:41 - 2018-05-21 17:41 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2018-05-21 17:41 - 2018-05-21 17:41 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2018-05-21 17:41 - 2018-05-21 17:41 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2018-05-21 17:41 - 2018-05-21 17:41 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2018-05-21 17:41 - 2018-05-21 17:41 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2018-05-21 17:41 - 2018-05-21 17:41 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2017-10-07 12:48 - 2019-02-01 09:56 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2017-10-07 12:48 - 2019-02-01 09:56 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2017-10-07 12:49 - 2019-02-01 09:56 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2017-10-07 12:48 - 2019-02-01 09:56 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2017-10-07 12:48 - 2019-02-01 09:56 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2017-10-07 12:48 - 2019-02-01 09:56 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2017-10-07 12:48 - 2019-02-01 09:55 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-02-25 23:30 - 2019-02-01 09:56 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-02-25 23:30 - 2019-02-01 09:56 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-02-25 23:30 - 2019-02-01 09:56 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-02-25 23:30 - 2019-02-01 09:56 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2017-10-07 12:48 - 2019-02-01 09:56 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-02-25 23:30 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-02-25 23:30 - 2019-02-01 09:56 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-02-25 23:30 - 2019-02-01 09:56 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-02-25 23:30 - 2019-02-01 09:56 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-02-25 23:30 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-02-25 23:30 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-02-25 23:30 - 2019-02-01 09:56 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-02-25 23:30 - 2019-02-01 09:56 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
2014-10-09 22:54 - 2014-10-09 22:54 - 000297472 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2014-10-09 22:54 - 2014-10-09 22:54 - 000541696 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2019-02-26 20:15 - 2019-02-26 20:15 - 004943360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\Qt5Core.dll
2019-02-26 20:15 - 2019-02-26 20:15 - 005022208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\Qt5Gui.dll
2019-02-26 20:15 - 2019-02-26 20:15 - 000626176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\Qt5Multimedia.dll
2019-02-26 20:16 - 2019-02-26 20:16 - 002908672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\Qt5Qml.dll
2019-02-26 20:16 - 2019-02-26 20:16 - 003078656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\Qt5Quick.dll
2019-02-26 20:16 - 2019-02-26 20:16 - 004718080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\Qt5Widgets.dll
2019-02-26 20:16 - 2019-02-26 20:16 - 000439296 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\Qt5WinExtras.dll
2019-02-26 20:16 - 2019-02-26 20:16 - 000159232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\Qt5Xml.dll
2019-02-26 20:16 - 2019-02-26 20:16 - 000877056 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\Qt5Network.dll
2019-02-26 20:13 - 2019-02-26 20:14 - 085602816 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\libcef.dll
2019-02-26 20:13 - 2019-02-26 20:13 - 000596992 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\chrome_elf.dll
2019-02-26 20:14 - 2019-02-26 20:14 - 001140224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\platforms\qwindows.dll
2019-02-26 20:13 - 2019-02-26 20:13 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\imageformats\qgif.dll
2019-02-26 20:13 - 2019-02-26 20:13 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\imageformats\qico.dll
2019-02-26 20:13 - 2019-02-26 20:13 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\imageformats\qjpeg.dll
2019-02-26 20:13 - 2019-02-26 20:13 - 000223744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\imageformats\qmng.dll
2019-02-26 20:13 - 2019-02-26 20:13 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\imageformats\qsvg.dll
2019-02-26 20:16 - 2019-02-26 20:16 - 000259072 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\Qt5Svg.dll
2019-02-26 20:13 - 2019-02-26 20:13 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\imageformats\qtiff.dll
2019-02-26 20:13 - 2019-02-26 20:13 - 001463808 _____ (Firelight Technologies) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\fmod.dll
2019-02-26 20:13 - 2019-02-26 20:13 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\audio\qtaudio_windows.dll
2019-02-26 20:14 - 2019-02-26 20:14 - 000089600 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\libEGL.dll
2019-02-26 20:14 - 2019-02-26 20:14 - 003841536 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\libGLESv2.dll
2019-02-26 20:14 - 2019-02-26 20:14 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\qml\QtQuick.2\qtquick2plugin.dll
2019-02-26 20:14 - 2019-02-26 20:14 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\qml\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-02-26 20:14 - 2019-02-26 20:14 - 000041984 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\qml\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-02-26 20:14 - 2019-02-26 20:14 - 000071680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-02-26 20:14 - 2019-02-26 20:14 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\qml\QtQuick\Window.2\windowplugin.dll
2019-02-26 20:14 - 2019-02-26 20:14 - 000084480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\qml\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-02-26 20:16 - 2019-02-26 20:16 - 000096256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\Qt5QuickControls2.dll
2019-02-26 20:16 - 2019-02-26 20:16 - 000681472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\Qt5QuickTemplates2.dll
2019-02-26 20:14 - 2019-02-26 20:14 - 000211456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\qml\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-02-26 20:14 - 2019-02-26 20:14 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\qml\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-02-26 20:14 - 2019-02-26 20:14 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\qml\QtQml\Models.2\modelsplugin.dll
2015-08-08 12:26 - 2015-01-22 19:18 - 002201088 _____ () [File not signed] C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2015-08-08 12:26 - 2015-01-22 19:18 - 002085888 _____ () [File not signed] C:\Program Files\Lenovo\Communications Utility\cv210.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 002741248 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\python34.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000783360 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_hashlib.pyd
2018-12-10 17:49 - 2018-12-10 17:48 - 000047104 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_socket.pyd
2018-12-10 17:49 - 2018-12-10 17:48 - 000009728 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\select.pyd
2018-12-10 17:49 - 2018-12-10 17:48 - 000758784 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\unicodedata.pyd
2018-12-10 17:49 - 2018-12-10 17:48 - 000084992 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_ctypes.pyd
2018-12-10 17:49 - 2018-12-10 17:48 - 000053760 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_bz2.pyd
2018-12-10 17:49 - 2018-12-10 17:48 - 001861120 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtCore.pyd
2018-12-10 17:49 - 2018-12-10 17:48 - 004182528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Core.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 001580032 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icuin53.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 001079296 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icuuc53.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000848896 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icudt53.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000075264 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\sip.pyd
2018-12-10 17:49 - 2018-12-10 17:48 - 000137216 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_lzma.pyd
2018-12-10 17:49 - 2018-12-10 17:48 - 002002944 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtGui.pyd
2018-12-10 17:49 - 2018-12-10 17:48 - 004877312 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Gui.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 004101120 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtWidgets.pyd
2018-12-10 17:49 - 2018-12-10 17:48 - 004490752 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Widgets.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000039424 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\psutil._psutil_windows.pyd
2018-12-10 17:49 - 2018-12-10 17:48 - 000991744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\platforms\qwindows.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000036352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qdds.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000022016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qgif.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000029184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qicns.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000022016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qico.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000381952 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjp2.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000206848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjpeg.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000218624 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qmng.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000016384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtga.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000308736 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtiff.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000015360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwbmp.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000287232 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwebp.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3780588772-939456869-1824465523-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3780588772-939456869-1824465523-1001\...\sharepoint.com -> hxxps://vse-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-3780588772-939456869-1824465523-1001\...\vse.cz -> hxxps://hpalm.vse.cz
IE trusted site: HKU\S-1-5-21-3780588772-939456869-1824465523-1001\...\vse.cz -> hxxp://hpalm.vse.cz
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-07-17 12:34 - 2019-02-26 10:41 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;D:\app\Monika\product\11.2.0\client_2\bin;D:\app\Monika\product\11.2.0\client_1\bin;C:\Program Files (x86)\Lenovo\FusionEngine;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Lenovo\Motion Control\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\Calibre2\;C:\Program Files (x86)\GtkSharp\2.12\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Skype\Phone\;C:\Program Files\TortoiseSVN\bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\RogueKiller;
HKU\S-1-5-21-3780588772-939456869-1824465523-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Monika\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKU\S-1-5-21-3780588772-939456869-1824465523-1001\...\StartupApproved\StartupFolder: => "8760b317178c876e1f56945899077ea6.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{945286CE-E61F-459D-8258-2CFFDB110A28}E:\world of warcraft beta\utils\wowvoiceproxyt.exe] => (Allow) E:\world of warcraft beta\utils\wowvoiceproxyt.exe No File
FirewallRules: [TCP Query User{D488F06C-4762-4EDF-B994-8AF5042AA13A}E:\world of warcraft beta\utils\wowvoiceproxyt.exe] => (Allow) E:\world of warcraft beta\utils\wowvoiceproxyt.exe No File
FirewallRules: [UDP Query User{1CC8A7EC-FE77-4F5F-B82C-192D0DFF0698}E:\world of warcraft beta\utils\wowvoiceproxyt.exe] => (Allow) E:\world of warcraft beta\utils\wowvoiceproxyt.exe No File
FirewallRules: [TCP Query User{B00F9D09-946E-461B-B656-F56E61C9BD32}E:\world of warcraft beta\utils\wowvoiceproxyt.exe] => (Allow) E:\world of warcraft beta\utils\wowvoiceproxyt.exe No File
FirewallRules: [{7332F3EB-3091-4C39-8384-B3E8F55AD094}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{7448FD7E-3DE4-4B50-9BBC-ECF563B6C950}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{E86DC7F3-508E-4A4F-AA3B-32FB5FEB086A}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{C930BC0C-B9D2-4509-B0CE-61528A201B5E}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [UDP Query User{DC31795B-5821-4FDF-B520-3AEB82778F4D}C:\program files\smartbear\soapui-5.3.0\bin\soapui-5.3.0.exe] => (Allow) C:\program files\smartbear\soapui-5.3.0\bin\soapui-5.3.0.exe (Smartbear Sweden AB -> )
FirewallRules: [TCP Query User{6A30F0F4-4138-4B79-ACE8-935973D94540}C:\program files\smartbear\soapui-5.3.0\bin\soapui-5.3.0.exe] => (Allow) C:\program files\smartbear\soapui-5.3.0\bin\soapui-5.3.0.exe (Smartbear Sweden AB -> )
FirewallRules: [UDP Query User{94B5E6F1-21E3-4B69-B0D4-7849537F8976}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [TCP Query User{E514C805-06B1-4C1D-AD87-1878DDDE46F7}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [UDP Query User{81905A2B-9122-447C-B565-487FB0E8CE93}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [TCP Query User{23D11BEF-AB96-4A29-B909-E69AFC521206}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [UDP Query User{4A408DDB-40BC-4D5D-B07E-DE93305440D7}C:\program files (x86)\winscp\winscp.exe] => (Allow) C:\program files (x86)\winscp\winscp.exe (Martin Prikryl -> Martin Prikryl)
FirewallRules: [TCP Query User{0E1F95BE-916F-45BF-A18D-79A6DD2E6BAF}C:\program files (x86)\winscp\winscp.exe] => (Allow) C:\program files (x86)\winscp\winscp.exe (Martin Prikryl -> Martin Prikryl)
FirewallRules: [{32D4D053-6F58-440D-A7C6-4AF106210274}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C056255C-FDC8-4581-8FF8-CB6C51671532}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AA9B26BF-01DB-40C0-B5E7-2A92E304FEA3}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{02AD9742-D9A9-42D2-BC4A-B1FB4A52FD87}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{FCB81A01-D607-4515-B86B-75AC9DB397B8}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{47322C7A-0281-4EC3-8ABB-7FFD92C9ED58}] => (Allow) C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe (Lenovo -> )
FirewallRules: [{6947E874-19C2-46FF-B426-D672966F2E02}] => (Allow) C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe (Lenovo -> )
FirewallRules: [{E743843A-B4A5-497E-A6CB-57E0992DCB62}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{5FCE12FA-A850-4063-BDA9-9DC8B3C4A432}] => (Allow) LPort=55100
FirewallRules: [{E749EF1E-9D8E-4A5C-BEC9-07626246835E}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe (Lenovo (Beijing) Limited -> Lenovo)
FirewallRules: [{C67C4FEB-B639-4A00-8038-182BAA0F4C85}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6F009EB9-48DC-4A91-A1C3-202229B76FD1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1CE7E6AD-D834-4D24-B697-95F9AB408B17}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{35C687CA-2ADE-4C97-B207-B3981582F33C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A051DEB1-AC9A-4410-B1BF-F3EFAE6ED5AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A463F4C7-431E-4A43-9343-E127AEF1B385}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B3628153-67FB-42A0-A10E-2B570FD1324E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C6ECFA08-1A52-4394-97C0-7E1D148C194F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AEA130BA-D9E2-43A5-A097-3F1ED7D463F5}] => (Allow) C:\Program Files\Bug Shooting 2\BugShooting2.exe () [File not signed]
FirewallRules: [{BB1FD35D-53DF-4F30-A0C5-BD5EAE80412F}] => (Allow) C:\Program Files\Bug Shooting 2\BugShooting2.exe () [File not signed]
FirewallRules: [{0AAD6939-9B22-42F9-8116-32796A6D8B50}] => (Allow) C:\Program Files\Bug Shooting 2\BugShooting2.exe () [File not signed]
FirewallRules: [{3BA8E496-4588-44DC-B51F-68556008B323}] => (Allow) C:\Program Files\Bug Shooting 2\BugShooting2.exe () [File not signed]
FirewallRules: [{D1BCD7AD-6222-426E-BE5E-C99CCE9FC469}] => (Allow) C:\Program Files\Bug Shooting 2\BugShooting2.exe () [File not signed]
FirewallRules: [{C2D3408F-BF5C-4773-8BEF-769533AFE831}] => (Allow) C:\Program Files\Bug Shooting 2\BugShooting2.exe () [File not signed]
FirewallRules: [TCP Query User{FDCB7705-B872-4C9A-8443-44131EE626FB}C:\program files (x86)\putty\putty.exe] => (Allow) C:\program files (x86)\putty\putty.exe (Simon Tatham) [File not signed]
FirewallRules: [UDP Query User{5668D229-82DD-47FE-BBE9-82509B4F2919}C:\program files (x86)\putty\putty.exe] => (Allow) C:\program files (x86)\putty\putty.exe (Simon Tatham) [File not signed]
FirewallRules: [{C8202703-6757-4462-BD1A-7053E506637A}] => (Block) C:\program files (x86)\putty\putty.exe (Simon Tatham) [File not signed]
FirewallRules: [{B4B23977-5F38-4108-9993-505210DF4345}] => (Block) C:\program files (x86)\putty\putty.exe (Simon Tatham) [File not signed]
FirewallRules: [{85967E6A-E4C2-4A60-923A-04B5F1541556}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{36564ED1-BFEB-4299-B3EE-89F47E9E1622}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{6BA7F065-A7F0-4292-BFEB-6AC48EF4143E}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{18DA74AD-2A1A-44A8-96B2-41C17F81FD0C}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [TCP Query User{58DF493A-17BE-4458-94E0-580E7A705E65}C:\program files\smartbear\soapui-5.3.0\bin\soapui-5.3.0.exe] => (Allow) C:\program files\smartbear\soapui-5.3.0\bin\soapui-5.3.0.exe (Smartbear Sweden AB -> )
FirewallRules: [UDP Query User{C07394CF-955C-41F7-A364-400D6030B9FA}C:\program files\smartbear\soapui-5.3.0\bin\soapui-5.3.0.exe] => (Allow) C:\program files\smartbear\soapui-5.3.0\bin\soapui-5.3.0.exe (Smartbear Sweden AB -> )
FirewallRules: [{915BA037-0D98-4743-9725-951971527608}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{409B4078-D9A2-479C-9039-3C0D9D8D2E34}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B85DF9E3-23B9-4FEB-9117-086191B7D6D6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{C76D9103-33A4-4839-9933-AA26F56E203F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{99426349-FFD1-49FA-B8FB-70D204227816}] => (Allow) LPort=5556
FirewallRules: [{FD82C234-C7A8-4DB6-A8B8-D9E5F50EB19B}] => (Allow) LPort=5558
FirewallRules: [TCP Query User{28E0E9A6-0F41-4BAD-B510-CF32CAA267C4}\\192.168.3.98\data\cd images\monika\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe] => (Allow) \\192.168.3.98\data\cd images\monika\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe No File
FirewallRules: [UDP Query User{B3586968-2837-4276-BC40-B7C8928B08AB}\\192.168.3.98\data\cd images\monika\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe] => (Allow) \\192.168.3.98\data\cd images\monika\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe No File
FirewallRules: [{333D24DA-4C63-4CDD-A8A3-C9F0ABD2C287}] => (Allow) C:\Users\Monika\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{179DF1ED-0CA9-4188-8B17-32A140479B2F}] => (Allow) C:\Users\Monika\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{22156322-17CD-48F1-8753-7473FC373AAA}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{00479EDD-CBF4-4565-B832-E1FDAA741FD2}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{E04722EC-E700-4CA9-BA03-C5E2EC8DCA4F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{ED685E85-E331-412C-8EC3-2723385DE81E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E438C9BF-F470-4639-A1D2-48482E5663E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OxygenNotIncluded\OxygenNotIncluded.exe () [File not signed]
FirewallRules: [{096934BC-B6EB-499F-AE82-5AFCF038E606}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OxygenNotIncluded\OxygenNotIncluded.exe () [File not signed]
FirewallRules: [{862E5EAF-4508-43CE-B87D-56B634F55758}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{AC932AE5-A4FB-4035-BA06-1E5879566250}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{24265C86-49C8-4AAF-86DF-617A66A081EE}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{68A28AA5-0AE8-4E48-8BC3-8A27A7658802}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{B41C31CD-DA56-435C-ABEE-3B039EF4D3F3}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Anno 1602\Eng\1602.exe (Ubisoft Entertainment SA -> MAX DESIGN)
FirewallRules: [TCP Query User{3DEAA038-6B05-4945-991D-6839303BAEC4}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{14E82D90-296E-4DEE-AD3F-DDE5D9BA421C}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{283646DB-EEC9-4254-B206-41BB31E47243}C:\program files (x86)\epubor\ultimate\epuborultimate.exe] => (Allow) C:\program files (x86)\epubor\ultimate\epuborultimate.exe (Wuhan JinDu Technology Ltd. -> )
FirewallRules: [UDP Query User{DBCFD90D-26B6-462B-A35C-29848B1D10DE}C:\program files (x86)\epubor\ultimate\epuborultimate.exe] => (Allow) C:\program files (x86)\epubor\ultimate\epuborultimate.exe (Wuhan JinDu Technology Ltd. -> )
FirewallRules: [{B823CF3B-D86D-4E08-BFC0-5FE58863B257}] => (Allow) D:\SteamLibrary\steamapps\common\Stellaris\stellaris.exe (Paradox Interactive) [File not signed]
FirewallRules: [{A88ADEE8-A72F-4913-A5A6-025643870C97}] => (Allow) D:\SteamLibrary\steamapps\common\Stellaris\stellaris.exe (Paradox Interactive) [File not signed]
FirewallRules: [{76C34CC1-15E6-40D5-9F21-EED6F79FD009}] => (Allow) D:\SteamLibrary\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{5B1F9F85-3AAA-48EE-998A-4A85D46C9638}] => (Allow) D:\SteamLibrary\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{0C356961-717C-48CF-BA64-E8C6C0BA471B}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{379FA1EB-F575-4DC0-8842-55F1FA858D23}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{09A8F9C9-B4EC-40A0-92C2-9A36D5E44D5F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{6CC901B2-A4B0-4734-A44D-DD5C57925433}C:\program files\microsoft office\root\office16\lync.exe] => (Allow) C:\program files\microsoft office\root\office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{A5F2AA6C-CB9E-4275-9CE4-BD18F25B7688}C:\program files\microsoft office\root\office16\lync.exe] => (Allow) C:\program files\microsoft office\root\office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AA1D3DE2-79D7-4FCA-A13B-DE4F05259DC9}] => (Allow) D:\SteamLibrary\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{1DB50EEC-0A79-46A7-B618-FE7229881CC6}] => (Allow) D:\SteamLibrary\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{9ADB0D14-098E-4597-A37B-B77236B2629A}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{460030D7-D3BC-4D5A-B059-0EAEE6296DA3}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{AF0FD0A4-8B76-48ED-B83D-C63AB04107A5}] => (Allow) D:\SteamLibrary\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe () [File not signed]
FirewallRules: [{50108FEC-684A-4658-9701-6A821D39618F}] => (Allow) D:\SteamLibrary\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe () [File not signed]
FirewallRules: [{B9FA7505-75D5-41F0-BB22-B26CB902F0BF}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{23259239-1D20-4387-9AD3-A8993425EF55}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{C8605821-59EA-4C3A-B8E8-D1DF826A5342}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{77743EDA-9775-40C8-9201-A65B8CF77C21}] => (Allow) D:\SteamLibrary\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{806EF6E9-89F0-401E-8BC8-895C861F5407}] => (Allow) D:\SteamLibrary\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{B11120D0-294D-467F-9C4C-0AFE358CEAF7}] => (Allow) D:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{73558C33-6903-4A5D-A5FC-C7C42B46691D}] => (Allow) D:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
==================== Restore Points =========================
26-02-2019 12:01:14 JRT Pre-Junkware Removal
01-03-2019 21:37:55 Windows Update
==================== Faulty Device Manager Devices =============
Name: Dotyková obrazovka standardu HID
Description: Dotyková obrazovka standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/02/2019 11:05:45 AM) (Source: lupdate) (EventID: 0) (User: )
Description: Event-ID 0
Error: (03/02/2019 11:05:45 AM) (Source: lupdate) (EventID: 0) (User: )
Description: Event-ID 0
Error: (03/01/2019 10:43:09 PM) (Source: lupdate) (EventID: 0) (User: )
Description: Event-ID 0
Error: (03/01/2019 10:43:08 PM) (Source: lupdate) (EventID: 0) (User: )
Description: Event-ID 0
Error: (03/01/2019 07:14:12 PM) (Source: lupdate) (EventID: 0) (User: )
Description: Event-ID 0
Error: (03/01/2019 07:14:12 PM) (Source: lupdate) (EventID: 0) (User: )
Description: Event-ID 0
Error: (03/01/2019 05:07:21 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: MONIKA-PC)
Description: httphttp-2147467263
Error: (03/01/2019 04:58:14 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: MONIKA-PC)
Description: httphttp-2147467263
System errors:
=============
Error: (03/02/2019 10:12:24 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.
Error: (03/02/2019 10:12:20 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/02/2019 10:01:54 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/02/2019 12:47:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/01/2019 09:56:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.
Error: (03/01/2019 09:54:44 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/01/2019 05:13:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/01/2019 05:06:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
CodeIntegrity:
===================================
Date: 2019-02-26 18:36:32.835
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-02-26 18:36:30.987
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-02-26 18:35:37.793
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-02-26 17:42:25.452
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-02-26 17:42:23.861
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-02-26 17:41:34.490
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-02-26 17:15:20.609
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-02-26 17:15:20.016
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 83%
Total physical RAM: 8097.85 MB
Available physical RAM: 1320.59 MB
Total Virtual: 15009.85 MB
Available Virtual: 5081.3 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:207.09 GB) (Free:32.53 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Hry) (Fixed) (Total:678.76 GB) (Free:662.99 GB) NTFS
\\?\Volume{4f2d2d39-adda-4272-a7f3-421e382cfb6b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.68 GB) NTFS
\\?\Volume{8dd601b3-a54b-498b-a8ac-709f5647feef}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ==================
==================== End of Addition.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.03.2019
Ran by Monika (02-03-2019 12:32:04)
Running from C:\Users\Monika\Desktop
Windows 10 Home Version 1803 17134.590 (X64) (2018-07-08 15:26:31)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3780588772-939456869-1824465523-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3780588772-939456869-1824465523-503 - Limited - Disabled)
Guest (S-1-5-21-3780588772-939456869-1824465523-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3780588772-939456869-1824465523-1003 - Limited - Enabled)
Monika (S-1-5-21-3780588772-939456869-1824465523-1001 - Administrator - Enabled) => C:\Users\Monika
WDAGUtilityAccount (S-1-5-21-3780588772-939456869-1824465523-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . (HKLM\...\{E24348A6-82E6-4FC7-BE14-189265418B30}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{0F58DF31-E2D8-45BE-AD43-D31D8707ACA1}) (Version: 3.7.0.8 - Intel) Hidden
µTorrent (HKU\S-1-5-21-3780588772-939456869-1824465523-1001\...\uTorrent) (Version: 3.5.5.44954 - BitTorrent Inc.)
Active Directory Authentication Library for SQL Server (HKLM\...\{52D1FCFD-1052-4D75-B3FB-9906901AFD98}) (Version: 13.1.4001.0 - Microsoft Corporation) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.13.0.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.13.0.21 - NVIDIA Corporation) Hidden
Anno 1602 (HKLM-x32\...\Uplay Install 2990) (Version: - Ubisoft)
Anno 1602 Compatibility fix (HKLM\...\{b7082f5b-b3cc-44ac-a030-69ef3e35225d}.sdb) (Version: - )
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 375.70 - NVIDIA Corporation) Hidden
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{981F324E-98F4-4784-B76F-04E92039F3F6}) (Version: 5.2.60328.3 - Microsoft Corporation)
Application Verifier x64 External Package (HKLM\...\{D9908CED-5ABB-FEE9-FC84-743F4D38637C}) (Version: 10.1.16299.15 - Microsoft) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 71.0.1037.98 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Azure AD Authentication Connected Service (HKLM-x32\...\{3FEAC561-1CF6-41D6-B0F3-BECDD9C88A1B}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Black & White® 2 (HKLM-x32\...\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}) (Version: 1.00.0000 - Lionhead Studios)
Black & White® 2 Battle of the Gods (HKLM-x32\...\{10631C28-62E5-477C-9B40-40C5EA8219BE}) (Version: 1.00.0000 - Lionhead Studios)
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\Blender) (Version: 2.70a - Blender Foundation)
Bug Shooting 2 (HKLM\...\Bug Shooting 2) (Version: 2.15.3.796 - Alexej Hirsch)
calibre (HKLM-x32\...\{55763553-9485-4117-88D9-46237F7A5F08}) (Version: 3.36.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.53 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.3.05017 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{0BEF117F-BEBD-4948-AF22-210D14736BEC}) (Version: 4.3.05017 - Cisco Systems, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{D1844DC3-B378-47CC-AB40-7FC16C79A2CD}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.32.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM-x32\...\{1D2682EA-75DD-44B6-BF2D-CD3C49EAD012}) (Version: 1.6.38.01 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{3117B53D-A409-4D99-A0DE-11A1A40696FA}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4ABFEC28-1554-493D-A84D-BEA21D8E6D6F}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{503B47A9-E34A-4841-ADD7-417191D5DB5E}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5B2190E9-199D-450A-94B3-4D6826C770C2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5BEFE1E1-F597-4B79-913B-15FFDB25B744}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{63DE35C9-B080-4D03-B110-99E14FD35BCE}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{E966DBE4-5075-465E-BA81-BC9A3A3204B3}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
DiagnosticsHub_CollectionService (HKLM\...\{A5DD0731-C724-4037-B35B-B80782AACE00}) (Version: 15.0.27128 - Microsoft Corporation) Hidden
Discord (HKU\S-1-5-21-3780588772-939456869-1824465523-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
Dotfuscator and Analytics Community Edition 5.19.1 (HKLM-x32\...\{2A7F99F6-88A4-4B44-B350-41C0B147A39C}) (Version: 5.19.1.3091 - PreEmptive Solutions) Hidden
Enterprise Architect (HKLM-x32\...\{9BEB85A4-D6C9-4978-AA55-AEE08FBD1A54}) (Version: 13.5.1351.25 - Sparx Systems)
Epubor Ultimate (HKLM-x32\...\Epubor Ultimate) (Version: 3.0.10.1225 - Epubor Inc.)
FBReader for Windows (HKLM-x32\...\FBReader for Windows) (Version: - )
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.2.0 - Genesys Logic)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.119 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HP ALM Microsoft Excel Add-in (HKLM-x32\...\{AFA5B66F-C0B3-4E55-A883-B4E92D08E4B7}) (Version: 12.53.94.0 - Hewlett-Packard)
icecap_collection_neutral (HKLM-x32\...\{9149432D-3BEE-4869-B6F5-7A5CF843A612}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{D0C9796E-CB35-4440-885D-9630A0153D1E}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{B96B62E4-2EE4-45EC-8082-246FFC1B12E3}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{DFEE2505-3414-4C9E-BD69-90028AB9EAAF}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{262EE643-72FF-406D-9776-C6B65443DA5B}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{AADC83BE-DF94-40A8-AF7E-D907489AE155}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{883ED9A8-3762-481E-A362-3A7BE5CBEB15}) (Version: 10.0.1740 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{93FE134F-7678-4D90-A849-6FF6EB28CCDF}) (Version: 2.4.04289 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{f5d71765-7cd1-4e68-998f-5b379e725da3}) (Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5058 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.5.0.1056 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{84A2B59B-6A7B-4C01-8592-15C9BFE6AC36}) (Version: 2.4.3 - Intel Corporation)
Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.0.0.15 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{47C73491-A750-4865-B68D-588CD2955036}) (Version: 19.40.1702.1091 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{e03c7229-07fa-483d-a64f-55e545a2e21d}) (Version: 3.7.0.8 - Intel)
IntelliTraceProfilerProxy (HKLM-x32\...\{0A2EDF2C-9A71-43D7-964A-696BB7CEAC65}) (Version: 15.0.25.0 - Microsoft Corporation) Hidden
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java SE Development Kit 8 Update 111 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180111}) (Version: 8.0.1110.14 - Oracle Corporation)
Kits Configuration Installer (HKLM-x32\...\{86E59C8F-61D5-1782-A3CE-60AE7E4D7791}) (Version: 10.1.16299.15 - Microsoft) Hidden
Lenovo App Services (HKLM\...\Lenovo App Services) (Version: 0.200.8.268 - Lenovo)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.38.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10285 - Realtek Semiconductor Corp.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Motion Control (HKLM-x32\...\{D3F38500-4C99-4E4F-9786-B907224E13A1}) (Version: 2.6.0.0528 - PointGrab) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{D3F38500-4C99-4E4F-9786-B907224E13A1}) (Version: 2.6.0.0528 - PointGrab)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo Patch Utility (HKLM-x32\...\{E8F27ADF-B1ED-41AF-A7EF-D5E71778480C}) (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (HKLM\...\{49A09C2C-FFF4-478E-B397-5E0979F67F5D}) (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 2.0.0.19 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 2.0.0.19 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.5.2624.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.5.2624.01 - CyberLink Corp.)
Lenovo Service Bridge (HKU\S-1-5-21-3780588772-939456869-1824465523-1001\...\dda9ca0b023f4c56) (Version: 1.6.6.0 - Lenovo)
Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.3.24.256 - Lenovo Corporation)
Lenovo Settings (HKLM\...\{D14CCBF5-1A3A-4C08-955B-BE6D519835C4}_is1) (Version: 2.0.0.5 - Lenovo)
Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 2.3.3.33 - Lenovo Group Limited)
Lenovo Settings Service (HKLM\...\{8C6F1EBA-17F1-4481-B688-9777E63E985F}_is1) (Version: 2.3.0.21 - Lenovo Group Limited)
Lenovo Settings UMDF driver (HKLM\...\{2BDC7413-65EA-4B99-8C4B-02F11075BE6D}_is1) (Version: 1.2.0.7 - Lenovo Group Limited)
Lenovo Settings WiFi (HKLM\...\{86045A6C-C156-4349-A3E2-47A88A42F5C2}_is1) (Version: 2.0.0.4 - Lenovo)
Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.1.14.1221 - Lenovo)
LenovoUtility (HKLM-x32\...\{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 2.0.0.3 - Lenovo) Hidden
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 2.0.0.3 - Lenovo)
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft .NET Core SDK - 2.1.4 (x64) (HKLM-x32\...\{9e732e8f-9e57-467d-a425-6f2387bdabd0}) (Version: 2.1.4 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (čeština) (HKLM-x32\...\{E249803A-BD5B-4FDC-A630-976C2971F5B4}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (čeština) (HKLM-x32\...\{25C7677B-0398-46A3-A0EE-7B393D20FA30}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Azure Authoring Tools - v2.9.5.3 (HKLM\...\{086C537B-DE1A-4A11-8441-6AAF076174B8}) (Version: 2.9.8699.20 - Microsoft Corporation)
Microsoft Azure Libraries for .NET – v2.9 (HKLM\...\{C5C91AA6-3E83-430E-8B7A-6B790083F28D}) (Version: 3.0.0127.060 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25123 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.10730.20280 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3780588772-939456869-1824465523-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{1385D3DB-8E80-427B-91D2-B7535862B8E4}) (Version: 11.3.6518.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{9097BF1A-13A0-4A4A-A1F8-473E2A669863}) (Version: 13.1.4001.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2017 CTP2.1 (HKLM\...\{9BAD8F82-A221-42CE-AFF0-7CAB825790C9}) (Version: 14.0.600.250 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2017 CTP2.1 (HKLM-x32\...\{F0DD1AA8-44D7-4ACE-AF65-7378EA5D884C}) (Version: 14.0.600.250 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Update 2 (HKLM-x32\...\{04fa3a35-1f49-4510-8051-819cdc1e6e01}) (Version: 14.0.25123.0 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.14.167.122 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{65C71B09-C33D-4F60-93EA-DF3AD1D40600}) (Version: 10.0.1981 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MiKTeX 2.9 (HKU\S-1-5-21-3780588772-939456869-1824465523-1001\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mobipocket Reader 6.2 (HKLM-x32\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
Mozilla Firefox 64.0 (x64 cs) (HKLM\...\Mozilla Firefox 64.0 (x64 cs)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 64.0.0.6914 - Mozilla)
Mozilla Thunderbird 52.9.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 52.9.1 (x86 cs)) (Version: 52.9.1 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (HKLM-x32\...\{13FE8B50-B340-4FDA-BB6E-AA1F5FAB8205}) (Version: 14.0.25123 - Microsoft Corporation) Hidden
MSI Development Tools (HKLM-x32\...\{973CACA2-E018-065B-0580-F2784802E299}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20280 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20280 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.10730.20280 - Microsoft Corporation) Hidden
OneKey Optimizer (HKLM-x32\...\{D5D573DC-D989-4769-9B56-D6A7EA503D7F}) (Version: 1.3.0.7 - Lenovo) Hidden
OneKey Optimizer (HKLM-x32\...\InstallShield_{D5D573DC-D989-4769-9B56-D6A7EA503D7F}) (Version: 1.3.0.7 - Lenovo)
Oracle VM VirtualBox 5.2.8 (HKLM\...\{A7F49FA5-9FCA-4936-8652-CD00206D9300}) (Version: 5.2.8 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.18.58059 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.54 - NVIDIA Corporation) Hidden
pgAdmin 4 version 1.1 (HKLM-x32\...\pgAdmin 4v1_is1) (Version: 1.1 - The pgAdmin Development Team)
pgAdmin 4 version 4.1 (HKLM-x32\...\pgAdmin 4v4_is1) (Version: 4.1 - The pgAdmin Development Team)
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.0.2700 - Jan Fiala)
PuTTY release 0.66 (HKLM-x32\...\PuTTY_is1) (Version: 0.66 - Simon Tatham)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.769.769.091213 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.35.716.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7443 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.20.243 - REALTEK Semiconductor Corp.)
RogueKiller version 13.1.6.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.1.6.0 - Adlice Software)
Roslyn Language Services - x86 (HKLM-x32\...\{263EF873-F5D0-3134-A962-356C21A3510F}) (Version: 14.0.25126 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
SDK ARM Additions (HKLM-x32\...\{7922BB77-0B59-840A-AC80-D560A34D75C5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{C87DF65C-A672-7E08-A083-E7D48FE8DB70}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.8.0 - Lenovo Group Limited)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0340 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
Sims 4 Studio (HKLM-x32\...\{870AA913-0774-4ED0-B144-BC2C0CBE4BA0}_is1) (Version: 3.0.1.9 - Sims 4 Studio)
Skype for Business Web App Plug-in (HKLM-x32\...\{5EEFC600-CE9E-4DCE-862A-E7D4A9C7B568}) (Version: 15.8.20020.369 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
SoapUI 5.3.0 5.3.0 (HKLM\...\5517-2803-0637-4585) (Version: 5.3.0 - SmartBear Software)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sticky Password 8.2.1.228 (HKLM-x32\...\Sticky Password_is1) (Version: 8.2 - Lamantine Software)
Sublime Text Build 3143 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Sybase PowerDesigner 16.5 (HKLM-x32\...\{AB1E6446-8D82-45B4-B409-4034D6A446DC}) (Version: 16.5.3982 - SAP)
Team Explorer for Microsoft Visual Studio 2015 Update 2 (HKLM-x32\...\{7932CD6F-86D3-3EE4-8A02-B954404D1FFC}) (Version: 14.95.25118 - Microsoft) Hidden
Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Texmaker (HKLM-x32\...\Texmaker) (Version: - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.42.30.1020 - Electronic Arts Inc.)
TortoiseSVN 1.9.7.27907 (64 bit) (HKLM\...\{FBD345DC-093A-4D89-A9B8-10C1BA356048}) (Version: 1.9.27907 - TortoiseSVN)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51 - Ghisler Software GmbH)
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
TreeSize Free V4.2.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.2.2 - JAM Software)
Twitch (HKU\S-1-5-21-3780588772-939456869-1824465523-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
TypeScript Power Tool (HKLM-x32\...\{60890089-588B-4362-B9C5-A9C11D6E5DD1}) (Version: 1.8.9.0 - Microsoft Corporation) Hidden
TypeScript SDK (HKLM-x32\...\{B08D05BC-7897-4616-B34C-95B58D07650C}) (Version: 2.5.4.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{DD51688B-194A-4A10-83D8-40AD1D9954A1}) (Version: 1.8.30.0 - Microsoft Corporation) Hidden
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.3.6 - Lenovo)
Universal CRT Extension SDK (HKLM-x32\...\{1FBCBC17-4527-2340-0832-B1D49C41FF67}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{A5FA2886-1925-133F-0D41-B9A8ECEA0A2D}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{8BFBEC30-33CC-13B4-849F-3B036F27466A}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{B739B4C5-EEEC-8E70-0276-38C4779AF398}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{A9D6F52C-694E-3E41-7AB8-5BEB644742A5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{E053089E-7953-3219-814F-F485FC151C54}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{B9424F08-0617-C4F6-A798-5A9250C1A738}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{D261CEA1-AB8D-9CFA-4407-BCEFC78661AC}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
vcpp_crt.redist.clickonce (HKLM-x32\...\{0074562E-F896-4994-9086-79F8BC8DE02C}) (Version: 14.12.25830 - Microsoft Corporation) Hidden
vcpp_crt.redist.clickonce (HKLM-x32\...\{DD7D028C-ACE5-43F9-947A-9F24DED8B64A}) (Version: 14.12.25830 - Microsoft Corporation) Hidden
Visual Studio 2015 Update 2 (KB3022398) (HKLM-x32\...\{78c1b501-a6eb-4f29-88c5-84189564827e}) (Version: 14.0.25123 - Microsoft Corporation)
Visual Studio Community 2017 (HKLM\...\7d9db401) (Version: 15.5.27130.2036 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
VS Immersive Activate Helper (HKLM-x32\...\{8A2BDA07-3417-46C1-9058-CB32BC63E30E}) (Version: 16.0.76.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{0EE5749D-2DC0-460F-AB1C-06B3EDB42426}) (Version: 16.0.76.0 - Microsoft Corporation) Hidden
VS Update core components (HKLM-x32\...\{6A878817-D626-305A-BE8D-94C93F70E27A}) (Version: 14.0.25123 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{18640789-304F-40B5-884B-130B4A97D83B}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{A68D7884-F036-4A0D-AE1A-410E0311E135}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{91DDDFB5-1782-48C2-BA2A-8F4D9DE39D27}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{6A1ECF65-2CBF-4B33-9D4A-D1C0A0E5FE45}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{595F5D63-8773-4182-A1E0-EC9ECF4B6EA4}) (Version: 15.0.27102 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{226CCDB6-96F9-4DE6-9CCC-DB49D0A0A971}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{9414C260-D479-49EB-B0BF-01C1F5076EA0}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{A57BD1C0-42AD-42F8-AFEB-FAC7E6ABB005}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{70F69B4F-7950-4841-8139-5D0C7EDD2FE6}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{231C8ADB-BF59-458E-A909-CFA825F46388}) (Version: 15.0.27102 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{9CDD69A2-765A-4970-AB6B-595A740C614F}) (Version: 15.0.27019 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{B8B65A93-F72B-42C2-AE1A-FF440B44BB67}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{5779B6DD-604A-41CE-BC3D-9D4BDDA22AD2}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WinAppDeploy (HKLM-x32\...\{9690D51C-4435-1C20-7819-66CCAB0F03F9}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Windows SDK AddOn (HKLM-x32\...\{350F0ECD-0783-4529-8797-98F0AD33EAC0}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.16299.15 (HKLM-x32\...\{6195c203-b53c-4bb7-983a-6070a902e704}) (Version: 10.1.16299.15 - Microsoft Corporation)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{385A1387-A488-9E90-3635-086129610034}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{D7DD3171-DA58-52A1-95B2-4769640855AF}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7336279F-8F8F-5530-A543-3BE963846C0A}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E414A474-0A87-4F66-C409-A4D9857CFD34}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{CE760B86-975B-F514-5673-0ED4332B801B}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{5E67F8BE-D8D2-257F-CE19-419A2D5125C7}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{A2AA063E-AF50-A1F5-8925-A06EB1556644}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{7D4C7F4A-02A9-E434-6451-C8787DF28C1F}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{BC467065-9374-5345-DA3F-FCF073304A25}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinSCP 5.7.6 (HKLM-x32\...\winscp3_is1) (Version: 5.7.6 - Martin Prikryl)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Beta (HKLM-x32\...\World of Warcraft Beta) (Version: - Blizzard Entertainment)
XAMPP (HKLM-x32\...\xampp) (Version: 7.2.2-0 - Bitnami)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3780588772-939456869-1824465523-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-3780588772-939456869-1824465523-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-3780588772-939456869-1824465523-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2013-09-12] (Realtek Semiconductor Corporation) [File not signed]
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-08-13] (Lenovo) [File not signed]
ContextMenuHandlers1: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2017-08-08] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ContextMenuHandlers2: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2017-08-08] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-08-13] (Lenovo) [File not signed]
ContextMenuHandlers4: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2017-08-08] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2017-08-08] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-11] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2017-08-08] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ContextMenuHandlers1_S-1-5-21-3780588772-939456869-1824465523-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0448A738-DBBD-4050-8F1A-C9013EE81BF8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {0F600C9E-6507-4FB9-A13A-B8C87B60981D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe (Intel® Services Manager -> )
Task: {0FF88B90-E194-47A2-9006-5E36468046AA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe (Intel® Services Manager -> )
Task: {117A4048-001A-42A8-B171-323442694DB9} - System32\Tasks\UMonitor Task => C:\windows\SysWOW64\UMonit64.exe () [File not signed]
Task: {143AC5E8-2145-4FD2-B945-DA618541DC87} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {17AA0111-E234-40B7-8FAB-8D4791461A8C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1EB3F042-21F7-467C-B093-FF50ADF57270} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {234E8EA2-285D-46B0-8A28-BEC045090142} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {24BCE4AD-A59B-4C45-B9D8-1B78ECD1C4DA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {25BF7B03-F0A3-4941-978F-073760452952} - System32\Tasks\{2E9BF2B5-845C-43F3-B4C8-7670F20CCF47} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Monika\Documents\HRY\Warcraft 3 + Frozen Throne CZ Full Patched 1.26\Warcraft III\Warcraft III.exe" -d "C:\Users\Monika\Documents\HRY\Warcraft 3 + Frozen Throne CZ Full Patched 1.26\Warcraft III"
Task: {26E5541D-9A0A-498F-8F42-D10B89DCBA97} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {2FA03E45-D29F-468F-A798-34D1201C440B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {344A233A-EF42-46B8-9719-1AEA04FF3644} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {42127AB3-9DD0-44B2-BCF4-8F74D1A93934} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {43206D28-C084-4C76-8F98-BEB2C9C124BC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {44452C1F-5AD9-4252-982E-ED6C76B34F88} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4537C048-27E9-4622-969E-102A90A26D70} - System32\Tasks\{CAC16486-7B2D-4BD1-9199-B4A702974DE4} => C:\WINDOWS\system32\pcalua.exe -a "C:\ExcaliburWoW Burning Crusade 2.4.3 - With Basic AddOns\Wow.exe" -d "C:\ExcaliburWoW Burning Crusade 2.4.3 - With Basic AddOns"
Task: {497D3D2A-9B6E-4824-8504-4431DFC72358} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\osfinstaller.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {4E47886D-61B7-45BF-BA2E-3488B813BCC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {6880719A-1060-4A8D-B354-E0CF82FBA389} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {6EBC3E40-08F4-447E-8B51-B1F559FBBA56} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7196B7E1-F6F3-420A-BF2A-BD1B3CF5E3CD} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {719D3BB9-6ED1-4DCF-9812-278006E60F39} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {75435B78-C991-478C-85A3-56D4022BA5C9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe (LENOVO -> Lenovo)
Task: {83F48B47-6D2C-4FE7-BEC5-EDBC4376A94D} - System32\Tasks\{4E15EF07-A626-41B1-9DF6-13C8E27DBADF} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Lionhead Studios\Black & White 2\white.exe" -d "C:\Program Files (x86)\Lionhead Studios\Black & White 2"
Task: {886273C3-14FA-44F6-9B00-A6D066764011} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {88EE99A4-0256-4386-8B83-C01BCAF3525A} - \avast! Windows 10 Start Menu helper -> No File <==== ATTENTION
Task: {8F5102DC-63B6-4A98-A53D-151A11AB8B18} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {90CDDBE7-6FE3-40D0-8690-1E63DA910933} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {977FDD96-AC3F-4C9E-B520-08A60027B8D5} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3780588772-939456869-1824465523-1001 => "C:\WINDOWS\system32\rundll32.exe" dfshim.dll,ShOpenVerbShortcut C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {9911358F-8E0C-4110-9071-BE8E64E9E36D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {A262B025-5C0D-4278-9F31-4F180AF43FD1} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {A4B51257-0D32-44F7-8954-35A5053CC5DD} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A6B4C09F-B68C-4861-B3FB-0FE2BDDE1631} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {ACFBD40B-7927-485A-9E12-91EFB6734B9F} - System32\Tasks\RogueKiller Anti-Malware => C:\Program Files\RogueKiller\RogueKiller64.exe (Adlice -> )
Task: {B26E290F-DD81-4EDF-A981-930F02729212} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {B43EDB2F-4913-449A-A18D-BC5DCB392E07} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B8AEDE4D-178B-4B6E-999D-106655530700} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {BA45A15E-7CA5-410B-BBE4-3A76AD393BCA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CEC691D7-0B13-4EF8-9BE7-6C4B1526580E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D2C64D8F-636D-4B09-952B-BE1E09FE2251} - System32\Tasks\SafeZone scheduled Autoupdate 1456343663 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {DE0D814B-0724-40E3-95E2-B813FBDD44D1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {DE8991A7-28AF-4D9D-B16B-1BC235E7A80B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {F779B1FD-2594-4747-B61A-3B47A442B6F0} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe (LENOVO -> )
Task: {FB92EB50-55A7-4CA1-B179-B0EF28E8D44E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe (LENOVO -> Lenovo)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Monika\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b8da4a38624bbb1e\Feedback.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gfdkimpbcpahaombhbimeihdjnejgicl
==================== Loaded Modules (Whitelisted) ==============
2017-03-04 14:28 - 2013-09-10 17:19 - 000056832 _____ () [File not signed] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2017-03-04 14:28 - 2013-09-04 16:04 - 000280576 _____ (Realtek Semiconductor Corporation) [File not signed] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe
2017-03-04 14:28 - 2011-11-11 17:42 - 000032768 _____ (Realtek Semiconductor Corporation) [File not signed] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\Dun.dll
2017-03-04 14:28 - 2013-09-04 16:36 - 000705536 _____ (Realtek Semiconductor Corporation) [File not signed] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\obexpf.dll
2017-03-04 14:28 - 2013-07-17 19:39 - 000437760 _____ (Realtek Semiconductor Corporation) [File not signed] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DllMonoCtrl.dll
2017-03-04 14:28 - 2013-06-14 09:55 - 000290304 _____ (Realtek Semiconductor Corporation) [File not signed] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\StereoControl.dll
2017-03-04 14:28 - 2013-07-17 19:39 - 000025600 _____ (Realtek Semiconductor Corporation) [File not signed] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\VendorCmdExport.dll
2017-03-04 14:28 - 2013-07-17 19:39 - 000024576 _____ (Realtek Semiconductor Corporation) [File not signed] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpIo64.dll
2017-03-04 14:28 - 2013-03-01 16:17 - 000045568 _____ (Realtek Semiconductor Corporation) [File not signed] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\rtsocket.dll
2016-12-05 00:50 - 2016-12-05 00:55 - 003012608 _____ () [File not signed] C:\Program Files\Bug Shooting 2\BugShooting2.exe
2016-09-04 09:46 - 2016-09-04 09:46 - 000000000 ____LMicrosoft Corporation C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2016-09-04 09:46 - 2016-09-04 09:46 - 000000000 ____LMicrosoft Corporation C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2019-02-18 14:35 - 2019-02-18 14:35 - 002795008 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\65ec576a619e53431d30d1d69762310d\Newtonsoft.Json.ni.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 001623040 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe
2017-09-28 18:41 - 2017-09-28 18:41 - 000266240 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
2018-05-21 17:41 - 2018-05-21 17:41 - 001177600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2018-05-21 17:41 - 2018-05-21 17:41 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2018-05-21 17:41 - 2018-05-21 17:41 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2018-05-21 17:41 - 2018-05-21 17:41 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2018-05-21 17:41 - 2018-05-21 17:41 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2018-05-21 17:41 - 2018-05-21 17:41 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2018-05-21 17:41 - 2018-05-21 17:41 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2018-05-21 17:41 - 2018-05-21 17:41 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2017-10-07 12:48 - 2019-02-01 09:56 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2017-10-07 12:48 - 2019-02-01 09:56 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2017-10-07 12:49 - 2019-02-01 09:56 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2017-10-07 12:48 - 2019-02-01 09:56 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2017-10-07 12:48 - 2019-02-01 09:56 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2017-10-07 12:48 - 2019-02-01 09:56 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2017-10-07 12:48 - 2019-02-01 09:55 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-02-25 23:30 - 2019-02-01 09:56 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-02-25 23:30 - 2019-02-01 09:56 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-02-25 23:30 - 2019-02-01 09:56 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-02-25 23:30 - 2019-02-01 09:56 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2017-10-07 12:48 - 2019-02-01 09:56 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-02-25 23:30 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-02-25 23:30 - 2019-02-01 09:56 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-02-25 23:30 - 2019-02-01 09:56 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-02-25 23:30 - 2019-02-01 09:56 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-02-25 23:30 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-02-25 23:30 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-02-25 23:30 - 2019-02-01 09:56 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-02-25 23:30 - 2019-02-01 09:56 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
2014-10-09 22:54 - 2014-10-09 22:54 - 000297472 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2014-10-09 22:54 - 2014-10-09 22:54 - 000541696 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2019-02-26 20:15 - 2019-02-26 20:15 - 004943360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\Qt5Core.dll
2019-02-26 20:15 - 2019-02-26 20:15 - 005022208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\Qt5Gui.dll
2019-02-26 20:15 - 2019-02-26 20:15 - 000626176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\Qt5Multimedia.dll
2019-02-26 20:16 - 2019-02-26 20:16 - 002908672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\Qt5Qml.dll
2019-02-26 20:16 - 2019-02-26 20:16 - 003078656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\Qt5Quick.dll
2019-02-26 20:16 - 2019-02-26 20:16 - 004718080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\Qt5Widgets.dll
2019-02-26 20:16 - 2019-02-26 20:16 - 000439296 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\Qt5WinExtras.dll
2019-02-26 20:16 - 2019-02-26 20:16 - 000159232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\Qt5Xml.dll
2019-02-26 20:16 - 2019-02-26 20:16 - 000877056 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\Qt5Network.dll
2019-02-26 20:13 - 2019-02-26 20:14 - 085602816 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\libcef.dll
2019-02-26 20:13 - 2019-02-26 20:13 - 000596992 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\chrome_elf.dll
2019-02-26 20:14 - 2019-02-26 20:14 - 001140224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\platforms\qwindows.dll
2019-02-26 20:13 - 2019-02-26 20:13 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\imageformats\qgif.dll
2019-02-26 20:13 - 2019-02-26 20:13 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\imageformats\qico.dll
2019-02-26 20:13 - 2019-02-26 20:13 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\imageformats\qjpeg.dll
2019-02-26 20:13 - 2019-02-26 20:13 - 000223744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\imageformats\qmng.dll
2019-02-26 20:13 - 2019-02-26 20:13 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\imageformats\qsvg.dll
2019-02-26 20:16 - 2019-02-26 20:16 - 000259072 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\Qt5Svg.dll
2019-02-26 20:13 - 2019-02-26 20:13 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\imageformats\qtiff.dll
2019-02-26 20:13 - 2019-02-26 20:13 - 001463808 _____ (Firelight Technologies) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\fmod.dll
2019-02-26 20:13 - 2019-02-26 20:13 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\audio\qtaudio_windows.dll
2019-02-26 20:14 - 2019-02-26 20:14 - 000089600 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\libEGL.dll
2019-02-26 20:14 - 2019-02-26 20:14 - 003841536 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\libGLESv2.dll
2019-02-26 20:14 - 2019-02-26 20:14 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\qml\QtQuick.2\qtquick2plugin.dll
2019-02-26 20:14 - 2019-02-26 20:14 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\qml\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-02-26 20:14 - 2019-02-26 20:14 - 000041984 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\qml\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-02-26 20:14 - 2019-02-26 20:14 - 000071680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-02-26 20:14 - 2019-02-26 20:14 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\qml\QtQuick\Window.2\windowplugin.dll
2019-02-26 20:14 - 2019-02-26 20:14 - 000084480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\qml\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-02-26 20:16 - 2019-02-26 20:16 - 000096256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\Qt5QuickControls2.dll
2019-02-26 20:16 - 2019-02-26 20:16 - 000681472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\Qt5QuickTemplates2.dll
2019-02-26 20:14 - 2019-02-26 20:14 - 000211456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\qml\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-02-26 20:14 - 2019-02-26 20:14 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\qml\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-02-26 20:14 - 2019-02-26 20:14 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.10979\qml\QtQml\Models.2\modelsplugin.dll
2015-08-08 12:26 - 2015-01-22 19:18 - 002201088 _____ () [File not signed] C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2015-08-08 12:26 - 2015-01-22 19:18 - 002085888 _____ () [File not signed] C:\Program Files\Lenovo\Communications Utility\cv210.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 002741248 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\python34.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000783360 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_hashlib.pyd
2018-12-10 17:49 - 2018-12-10 17:48 - 000047104 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_socket.pyd
2018-12-10 17:49 - 2018-12-10 17:48 - 000009728 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\select.pyd
2018-12-10 17:49 - 2018-12-10 17:48 - 000758784 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\unicodedata.pyd
2018-12-10 17:49 - 2018-12-10 17:48 - 000084992 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_ctypes.pyd
2018-12-10 17:49 - 2018-12-10 17:48 - 000053760 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_bz2.pyd
2018-12-10 17:49 - 2018-12-10 17:48 - 001861120 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtCore.pyd
2018-12-10 17:49 - 2018-12-10 17:48 - 004182528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Core.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 001580032 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icuin53.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 001079296 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icuuc53.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000848896 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icudt53.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000075264 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\sip.pyd
2018-12-10 17:49 - 2018-12-10 17:48 - 000137216 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_lzma.pyd
2018-12-10 17:49 - 2018-12-10 17:48 - 002002944 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtGui.pyd
2018-12-10 17:49 - 2018-12-10 17:48 - 004877312 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Gui.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 004101120 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtWidgets.pyd
2018-12-10 17:49 - 2018-12-10 17:48 - 004490752 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Widgets.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000039424 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\psutil._psutil_windows.pyd
2018-12-10 17:49 - 2018-12-10 17:48 - 000991744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\platforms\qwindows.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000036352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qdds.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000022016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qgif.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000029184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qicns.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000022016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qico.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000381952 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjp2.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000206848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjpeg.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000218624 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qmng.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000016384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtga.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000308736 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtiff.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000015360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwbmp.dll
2018-12-10 17:49 - 2018-12-10 17:48 - 000287232 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwebp.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3780588772-939456869-1824465523-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3780588772-939456869-1824465523-1001\...\sharepoint.com -> hxxps://vse-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-3780588772-939456869-1824465523-1001\...\vse.cz -> hxxps://hpalm.vse.cz
IE trusted site: HKU\S-1-5-21-3780588772-939456869-1824465523-1001\...\vse.cz -> hxxp://hpalm.vse.cz
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-07-17 12:34 - 2019-02-26 10:41 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;D:\app\Monika\product\11.2.0\client_2\bin;D:\app\Monika\product\11.2.0\client_1\bin;C:\Program Files (x86)\Lenovo\FusionEngine;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Lenovo\Motion Control\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\Calibre2\;C:\Program Files (x86)\GtkSharp\2.12\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Skype\Phone\;C:\Program Files\TortoiseSVN\bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\RogueKiller;
HKU\S-1-5-21-3780588772-939456869-1824465523-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Monika\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKU\S-1-5-21-3780588772-939456869-1824465523-1001\...\StartupApproved\StartupFolder: => "8760b317178c876e1f56945899077ea6.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{945286CE-E61F-459D-8258-2CFFDB110A28}E:\world of warcraft beta\utils\wowvoiceproxyt.exe] => (Allow) E:\world of warcraft beta\utils\wowvoiceproxyt.exe No File
FirewallRules: [TCP Query User{D488F06C-4762-4EDF-B994-8AF5042AA13A}E:\world of warcraft beta\utils\wowvoiceproxyt.exe] => (Allow) E:\world of warcraft beta\utils\wowvoiceproxyt.exe No File
FirewallRules: [UDP Query User{1CC8A7EC-FE77-4F5F-B82C-192D0DFF0698}E:\world of warcraft beta\utils\wowvoiceproxyt.exe] => (Allow) E:\world of warcraft beta\utils\wowvoiceproxyt.exe No File
FirewallRules: [TCP Query User{B00F9D09-946E-461B-B656-F56E61C9BD32}E:\world of warcraft beta\utils\wowvoiceproxyt.exe] => (Allow) E:\world of warcraft beta\utils\wowvoiceproxyt.exe No File
FirewallRules: [{7332F3EB-3091-4C39-8384-B3E8F55AD094}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{7448FD7E-3DE4-4B50-9BBC-ECF563B6C950}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{E86DC7F3-508E-4A4F-AA3B-32FB5FEB086A}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{C930BC0C-B9D2-4509-B0CE-61528A201B5E}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [UDP Query User{DC31795B-5821-4FDF-B520-3AEB82778F4D}C:\program files\smartbear\soapui-5.3.0\bin\soapui-5.3.0.exe] => (Allow) C:\program files\smartbear\soapui-5.3.0\bin\soapui-5.3.0.exe (Smartbear Sweden AB -> )
FirewallRules: [TCP Query User{6A30F0F4-4138-4B79-ACE8-935973D94540}C:\program files\smartbear\soapui-5.3.0\bin\soapui-5.3.0.exe] => (Allow) C:\program files\smartbear\soapui-5.3.0\bin\soapui-5.3.0.exe (Smartbear Sweden AB -> )
FirewallRules: [UDP Query User{94B5E6F1-21E3-4B69-B0D4-7849537F8976}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [TCP Query User{E514C805-06B1-4C1D-AD87-1878DDDE46F7}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [UDP Query User{81905A2B-9122-447C-B565-487FB0E8CE93}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [TCP Query User{23D11BEF-AB96-4A29-B909-E69AFC521206}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [UDP Query User{4A408DDB-40BC-4D5D-B07E-DE93305440D7}C:\program files (x86)\winscp\winscp.exe] => (Allow) C:\program files (x86)\winscp\winscp.exe (Martin Prikryl -> Martin Prikryl)
FirewallRules: [TCP Query User{0E1F95BE-916F-45BF-A18D-79A6DD2E6BAF}C:\program files (x86)\winscp\winscp.exe] => (Allow) C:\program files (x86)\winscp\winscp.exe (Martin Prikryl -> Martin Prikryl)
FirewallRules: [{32D4D053-6F58-440D-A7C6-4AF106210274}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C056255C-FDC8-4581-8FF8-CB6C51671532}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AA9B26BF-01DB-40C0-B5E7-2A92E304FEA3}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{02AD9742-D9A9-42D2-BC4A-B1FB4A52FD87}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{FCB81A01-D607-4515-B86B-75AC9DB397B8}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{47322C7A-0281-4EC3-8ABB-7FFD92C9ED58}] => (Allow) C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe (Lenovo -> )
FirewallRules: [{6947E874-19C2-46FF-B426-D672966F2E02}] => (Allow) C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe (Lenovo -> )
FirewallRules: [{E743843A-B4A5-497E-A6CB-57E0992DCB62}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{5FCE12FA-A850-4063-BDA9-9DC8B3C4A432}] => (Allow) LPort=55100
FirewallRules: [{E749EF1E-9D8E-4A5C-BEC9-07626246835E}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe (Lenovo (Beijing) Limited -> Lenovo)
FirewallRules: [{C67C4FEB-B639-4A00-8038-182BAA0F4C85}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6F009EB9-48DC-4A91-A1C3-202229B76FD1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1CE7E6AD-D834-4D24-B697-95F9AB408B17}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{35C687CA-2ADE-4C97-B207-B3981582F33C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A051DEB1-AC9A-4410-B1BF-F3EFAE6ED5AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A463F4C7-431E-4A43-9343-E127AEF1B385}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B3628153-67FB-42A0-A10E-2B570FD1324E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C6ECFA08-1A52-4394-97C0-7E1D148C194F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AEA130BA-D9E2-43A5-A097-3F1ED7D463F5}] => (Allow) C:\Program Files\Bug Shooting 2\BugShooting2.exe () [File not signed]
FirewallRules: [{BB1FD35D-53DF-4F30-A0C5-BD5EAE80412F}] => (Allow) C:\Program Files\Bug Shooting 2\BugShooting2.exe () [File not signed]
FirewallRules: [{0AAD6939-9B22-42F9-8116-32796A6D8B50}] => (Allow) C:\Program Files\Bug Shooting 2\BugShooting2.exe () [File not signed]
FirewallRules: [{3BA8E496-4588-44DC-B51F-68556008B323}] => (Allow) C:\Program Files\Bug Shooting 2\BugShooting2.exe () [File not signed]
FirewallRules: [{D1BCD7AD-6222-426E-BE5E-C99CCE9FC469}] => (Allow) C:\Program Files\Bug Shooting 2\BugShooting2.exe () [File not signed]
FirewallRules: [{C2D3408F-BF5C-4773-8BEF-769533AFE831}] => (Allow) C:\Program Files\Bug Shooting 2\BugShooting2.exe () [File not signed]
FirewallRules: [TCP Query User{FDCB7705-B872-4C9A-8443-44131EE626FB}C:\program files (x86)\putty\putty.exe] => (Allow) C:\program files (x86)\putty\putty.exe (Simon Tatham) [File not signed]
FirewallRules: [UDP Query User{5668D229-82DD-47FE-BBE9-82509B4F2919}C:\program files (x86)\putty\putty.exe] => (Allow) C:\program files (x86)\putty\putty.exe (Simon Tatham) [File not signed]
FirewallRules: [{C8202703-6757-4462-BD1A-7053E506637A}] => (Block) C:\program files (x86)\putty\putty.exe (Simon Tatham) [File not signed]
FirewallRules: [{B4B23977-5F38-4108-9993-505210DF4345}] => (Block) C:\program files (x86)\putty\putty.exe (Simon Tatham) [File not signed]
FirewallRules: [{85967E6A-E4C2-4A60-923A-04B5F1541556}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{36564ED1-BFEB-4299-B3EE-89F47E9E1622}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{6BA7F065-A7F0-4292-BFEB-6AC48EF4143E}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{18DA74AD-2A1A-44A8-96B2-41C17F81FD0C}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [TCP Query User{58DF493A-17BE-4458-94E0-580E7A705E65}C:\program files\smartbear\soapui-5.3.0\bin\soapui-5.3.0.exe] => (Allow) C:\program files\smartbear\soapui-5.3.0\bin\soapui-5.3.0.exe (Smartbear Sweden AB -> )
FirewallRules: [UDP Query User{C07394CF-955C-41F7-A364-400D6030B9FA}C:\program files\smartbear\soapui-5.3.0\bin\soapui-5.3.0.exe] => (Allow) C:\program files\smartbear\soapui-5.3.0\bin\soapui-5.3.0.exe (Smartbear Sweden AB -> )
FirewallRules: [{915BA037-0D98-4743-9725-951971527608}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{409B4078-D9A2-479C-9039-3C0D9D8D2E34}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B85DF9E3-23B9-4FEB-9117-086191B7D6D6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{C76D9103-33A4-4839-9933-AA26F56E203F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{99426349-FFD1-49FA-B8FB-70D204227816}] => (Allow) LPort=5556
FirewallRules: [{FD82C234-C7A8-4DB6-A8B8-D9E5F50EB19B}] => (Allow) LPort=5558
FirewallRules: [TCP Query User{28E0E9A6-0F41-4BAD-B510-CF32CAA267C4}\\192.168.3.98\data\cd images\monika\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe] => (Allow) \\192.168.3.98\data\cd images\monika\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe No File
FirewallRules: [UDP Query User{B3586968-2837-4276-BC40-B7C8928B08AB}\\192.168.3.98\data\cd images\monika\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe] => (Allow) \\192.168.3.98\data\cd images\monika\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe No File
FirewallRules: [{333D24DA-4C63-4CDD-A8A3-C9F0ABD2C287}] => (Allow) C:\Users\Monika\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{179DF1ED-0CA9-4188-8B17-32A140479B2F}] => (Allow) C:\Users\Monika\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{22156322-17CD-48F1-8753-7473FC373AAA}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{00479EDD-CBF4-4565-B832-E1FDAA741FD2}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{E04722EC-E700-4CA9-BA03-C5E2EC8DCA4F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{ED685E85-E331-412C-8EC3-2723385DE81E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E438C9BF-F470-4639-A1D2-48482E5663E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OxygenNotIncluded\OxygenNotIncluded.exe () [File not signed]
FirewallRules: [{096934BC-B6EB-499F-AE82-5AFCF038E606}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OxygenNotIncluded\OxygenNotIncluded.exe () [File not signed]
FirewallRules: [{862E5EAF-4508-43CE-B87D-56B634F55758}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{AC932AE5-A4FB-4035-BA06-1E5879566250}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{24265C86-49C8-4AAF-86DF-617A66A081EE}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{68A28AA5-0AE8-4E48-8BC3-8A27A7658802}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{B41C31CD-DA56-435C-ABEE-3B039EF4D3F3}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Anno 1602\Eng\1602.exe (Ubisoft Entertainment SA -> MAX DESIGN)
FirewallRules: [TCP Query User{3DEAA038-6B05-4945-991D-6839303BAEC4}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{14E82D90-296E-4DEE-AD3F-DDE5D9BA421C}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{283646DB-EEC9-4254-B206-41BB31E47243}C:\program files (x86)\epubor\ultimate\epuborultimate.exe] => (Allow) C:\program files (x86)\epubor\ultimate\epuborultimate.exe (Wuhan JinDu Technology Ltd. -> )
FirewallRules: [UDP Query User{DBCFD90D-26B6-462B-A35C-29848B1D10DE}C:\program files (x86)\epubor\ultimate\epuborultimate.exe] => (Allow) C:\program files (x86)\epubor\ultimate\epuborultimate.exe (Wuhan JinDu Technology Ltd. -> )
FirewallRules: [{B823CF3B-D86D-4E08-BFC0-5FE58863B257}] => (Allow) D:\SteamLibrary\steamapps\common\Stellaris\stellaris.exe (Paradox Interactive) [File not signed]
FirewallRules: [{A88ADEE8-A72F-4913-A5A6-025643870C97}] => (Allow) D:\SteamLibrary\steamapps\common\Stellaris\stellaris.exe (Paradox Interactive) [File not signed]
FirewallRules: [{76C34CC1-15E6-40D5-9F21-EED6F79FD009}] => (Allow) D:\SteamLibrary\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{5B1F9F85-3AAA-48EE-998A-4A85D46C9638}] => (Allow) D:\SteamLibrary\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{0C356961-717C-48CF-BA64-E8C6C0BA471B}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{379FA1EB-F575-4DC0-8842-55F1FA858D23}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{09A8F9C9-B4EC-40A0-92C2-9A36D5E44D5F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{6CC901B2-A4B0-4734-A44D-DD5C57925433}C:\program files\microsoft office\root\office16\lync.exe] => (Allow) C:\program files\microsoft office\root\office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{A5F2AA6C-CB9E-4275-9CE4-BD18F25B7688}C:\program files\microsoft office\root\office16\lync.exe] => (Allow) C:\program files\microsoft office\root\office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AA1D3DE2-79D7-4FCA-A13B-DE4F05259DC9}] => (Allow) D:\SteamLibrary\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{1DB50EEC-0A79-46A7-B618-FE7229881CC6}] => (Allow) D:\SteamLibrary\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{9ADB0D14-098E-4597-A37B-B77236B2629A}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{460030D7-D3BC-4D5A-B059-0EAEE6296DA3}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{AF0FD0A4-8B76-48ED-B83D-C63AB04107A5}] => (Allow) D:\SteamLibrary\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe () [File not signed]
FirewallRules: [{50108FEC-684A-4658-9701-6A821D39618F}] => (Allow) D:\SteamLibrary\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe () [File not signed]
FirewallRules: [{B9FA7505-75D5-41F0-BB22-B26CB902F0BF}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{23259239-1D20-4387-9AD3-A8993425EF55}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{C8605821-59EA-4C3A-B8E8-D1DF826A5342}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{77743EDA-9775-40C8-9201-A65B8CF77C21}] => (Allow) D:\SteamLibrary\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{806EF6E9-89F0-401E-8BC8-895C861F5407}] => (Allow) D:\SteamLibrary\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{B11120D0-294D-467F-9C4C-0AFE358CEAF7}] => (Allow) D:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{73558C33-6903-4A5D-A5FC-C7C42B46691D}] => (Allow) D:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
==================== Restore Points =========================
26-02-2019 12:01:14 JRT Pre-Junkware Removal
01-03-2019 21:37:55 Windows Update
==================== Faulty Device Manager Devices =============
Name: Dotyková obrazovka standardu HID
Description: Dotyková obrazovka standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/02/2019 11:05:45 AM) (Source: lupdate) (EventID: 0) (User: )
Description: Event-ID 0
Error: (03/02/2019 11:05:45 AM) (Source: lupdate) (EventID: 0) (User: )
Description: Event-ID 0
Error: (03/01/2019 10:43:09 PM) (Source: lupdate) (EventID: 0) (User: )
Description: Event-ID 0
Error: (03/01/2019 10:43:08 PM) (Source: lupdate) (EventID: 0) (User: )
Description: Event-ID 0
Error: (03/01/2019 07:14:12 PM) (Source: lupdate) (EventID: 0) (User: )
Description: Event-ID 0
Error: (03/01/2019 07:14:12 PM) (Source: lupdate) (EventID: 0) (User: )
Description: Event-ID 0
Error: (03/01/2019 05:07:21 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: MONIKA-PC)
Description: httphttp-2147467263
Error: (03/01/2019 04:58:14 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: MONIKA-PC)
Description: httphttp-2147467263
System errors:
=============
Error: (03/02/2019 10:12:24 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.
Error: (03/02/2019 10:12:20 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/02/2019 10:01:54 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/02/2019 12:47:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/01/2019 09:56:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.
Error: (03/01/2019 09:54:44 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/01/2019 05:13:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/01/2019 05:06:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
CodeIntegrity:
===================================
Date: 2019-02-26 18:36:32.835
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-02-26 18:36:30.987
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-02-26 18:35:37.793
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-02-26 17:42:25.452
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-02-26 17:42:23.861
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-02-26 17:41:34.490
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-02-26 17:15:20.609
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-02-26 17:15:20.016
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 83%
Total physical RAM: 8097.85 MB
Available physical RAM: 1320.59 MB
Total Virtual: 15009.85 MB
Available Virtual: 5081.3 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:207.09 GB) (Free:32.53 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Hry) (Fixed) (Total:678.76 GB) (Free:662.99 GB) NTFS
\\?\Volume{4f2d2d39-adda-4272-a7f3-421e382cfb6b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.68 GB) NTFS
\\?\Volume{8dd601b3-a54b-498b-a8ac-709f5647feef}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ==================
==================== End of Addition.txt ============================
Re: Soubor a.txt
Nic mimoriadne tam nevidim, na zaver este prescanuj PC s ADWCleanerom
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?