Request for a preventive log check - SLOW PC

Having a problem with a virus? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.

#1 Post by angeldave »

Hello, I would like to ask for a check of my RSIT log; the notebook is slow. Thank you.


Logfile of random's system information tool 1.10 (written by random/random)
Run by zippy at 2022-05-08 18:02:16
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 40 GB (21%) free of 190 GB
Total RAM: 3965 MB (26% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:06:19, on 8.5.2022
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19597)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNAB8SWK.EXE
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWOW64\svchost.exe
C:\Program Files\trend micro\zippy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
O4 - HKCU\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe --startup_mode
O4 - HKUS\S-1-5-19\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe --startup_mode (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe --startup_mode (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe --startup_mode (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe --startup_mode (User 'Default user')
O4 - Startup: RT-Updater-SVO.lnk = C:\Ross-Tech\VCDS SVO 20.4.2\VCDS.exe
O4 - Startup: RT-Updater.lnk = C:\Ross-Tech\VCDS 20.4.1\VCDS.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat do Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O8 - Extra context menu item: Poslat do On&eNotu - res://C:\PROGRA~1\MICROS~1\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: Odeslat do Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Odeslat do Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Unknown owner - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: AsusFPService - Unknown owner - C:\Program Files (x86)\ASUS\FingerPrint\AsusFPService_x64.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: BBGate DMS-Backbone Service (BBGate) - VOLKSWAGEN AG - D:\srv_apps\bbgate\BBGate.exe
O23 - Service: BBGate-HTTPD - Unknown owner - D:\srv_apps\bbgate\Apache.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Crypkey License - Unknown owner - crypserv.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Unknown owner - C:\Windows\system32\DptfParticipantProcessorService.exe (file missing)
O23 - Service: Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Unknown owner - C:\Windows\system32\DptfPolicyConfigTDPService.exe (file missing)
O23 - Service: Intel(R) Driver & Support Assistant (DSAService) - Intel - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
O23 - Service: Intel(R) Driver & Support Assistant Updater (DSAUpdateService) - Unknown owner - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\101.0.4951.54\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (file missing)
O23 - Service: Intel(R) SUR QC Software Asset Manager (Intel(R) SUR QC SAM) - Intel Corporation - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: Intel(R) Small Business Advantage (intelsba) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
O23 - Service: ISCT Always Updated Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\SysWOW64\rpcnet.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: ASUS Virtual MFP Service (UsbService) - Unknown owner - C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14771 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
C:\Windows\system32\WLANExt.exe 26249824
\??\C:\Windows\system32\conhost.exe "-1108175214-2094172567-1106652515700428011341132422-20282772401092731827552681536
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\microsoft.net\framework\v2.0.50727\RegAsm.exe /u C:\ProgramData\NationAssets\AdvaiceSehrch\dojrVhell_DLM.dll
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
ATKOSD.exe
\??\C:\Windows\system32\conhost.exe "-1868255532-2058451338-504817963-6702781251253277493451535922-1311487633336516706
"taskhost.exe"
"C:\Program Files (x86)\ASUS\FingerPrint\AsusFPService_x64.exe"
KBFiltr.exe
WDC.exe
D:\srv_apps\bbgate\BBGate.exe
"D:\srv_apps\bbgate\Apache.exe"
"C:\Program Files\Google\Drive File Stream\57.0.4.0\crashpad_handler.exe" --database=C:\Users\zippy\AppData\Local\Google\DriveFS\Crashpad --url=https://clients2.google.com/cr/report --annotation=application=Explorer.EXE --annotation=prod=DriveFS --annotation=ver=57.0.4.0 --initial-client-data=0x1e0,0x1e4,0x1e8,0x1b4,0x1ec,0x7fef7c1d3e0,0x7fef7c1d3f0,0x7fef7c1d400
"D:\srv_apps\bbgate\Apache.exe" -Z ap2264_C1 -f "d:/srv_apps/bbgate/httpd.conf"
\??\C:\Windows\system32\conhost.exe "-561863043-12845106411614457798-4370032959465173111730550037-522603119-856494872
crypserv.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\DptfParticipantProcessorService.exe
"C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe"
"C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe" -sMSSQLSERVER
"C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"c:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe"
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 4304
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe"
"c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe" -s MSSQL10_50.MSSQLSERVER
"c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdhost.exe" "MSSQL10_50.MSSQLSERVERFf02614e8f901cf408af9a4ef1b25c936288fo555" "MSSQL10_50.MSSQLSERVER" "MSSQL10_50.MSSQLSERVER" "8" "" "4096" "M" "0" "" "" ""
\??\C:\Windows\system32\conhost.exe "1487344105500652782-1486867265-1629535173-72566227-101653682775491377-1900456896
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a900d658-51ed-4ee9-81b3-87b6d1fa76e3 -SystemEventPortName:HostProcess-2eb9ca6c-7b98-4f1d-b0bf-c106d5fc8c76 -IoCancelEventPortName:HostProcess-bedcf2bd-0481-49ad-bd67-cc7f3ec169e6 -NonStateChangingEventPortName:HostProcess-b025652b-e7d1-48b1-963b-8d2a4607f704 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:443031b9-30a0-4724-8c31-2fc4ca001194 -DeviceGroupId:
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe"
"taskhost.exe"
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNAB8SWK.EXE !hide Canon LBP3010/LBP3018/LBP3050
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Google\Drive File Stream\57.0.5.0\crashpad_handler.exe" --database=C:\Users\zippy\AppData\Local\Google\DriveFS\Crashpad --url=https://clients2.google.com/cr/report --annotation=application=Explorer.EXE --annotation=prod=DriveFS --annotation=ver=57.0.5.0 --initial-client-data=0x14e8,0x1540,0x15f8,0x1938,0x1738,0x7feb912d3e0,0x7feb912d3f0,0x7feb912d400
"C:\Program Files\Google\Drive File Stream\57.0.5.0\crashpad_handler.exe" --database=C:\Users\zippy\AppData\Local\Google\DriveFS\Crashpad --url=https://clients2.google.com/cr/report --annotation=application=Explorer.EXE --annotation=prod=DriveFS --annotation=ver=57.0.5.0 --initial-client-data=0x152c,0x1614,0xf50,0x1524,0x1260,0x7feb787d3e0,0x7feb787d3f0,0x7feb787d400
"C:\Program Files\Google\Drive File Stream\57.0.5.0\crashpad_handler.exe" --database=C:\Users\zippy\AppData\Local\Google\DriveFS\Crashpad --url=https://clients2.google.com/cr/report --annotation=application=Explorer.EXE --annotation=prod=DriveFS --annotation=ver=57.0.5.0 --initial-client-data=0x1610,0x16e4,0x1710,0x15f4,0x146c,0x7feb787d3e0,0x7feb787d3f0,0x7feb787d400
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWOW64\svchost.exe
C:\Windows\SysWOW64\svchost.exe
"C:\Program Files\Microsoft Security Client\msseces.exe"
C:\Windows\system32\DllHost.exe /Processid:{A79DB36D-6218-48E6-9EC9-DCBA9A39BF00}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\zippy\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\zippy\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=101.0.4951.54 --initial-client-data=0xb0,0xb4,0xb8,0x84,0xbc,0x7fef2f9b520,0x7fef2f9b530,0x7fef2f9b540
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1148 --field-trial-handle=1188,i,9252199297338958574,15112238677628852052,131072 /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=cs --service-sandbox-type=none --mojo-platform-channel-handle=1396 --field-trial-handle=1188,i,9252199297338958574,15112238677628852052,131072 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=cs --service-sandbox-type=utility --mojo-platform-channel-handle=1516 --field-trial-handle=1188,i,9252199297338958574,15112238677628852052,131072 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --launch-time-ticks=703309569018 --mojo-platform-channel-handle=4764 --field-trial-handle=1188,i,9252199297338958574,15112238677628852052,131072 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --launch-time-ticks=703382540716 --mojo-platform-channel-handle=7860 --field-trial-handle=1188,i,9252199297338958574,15112238677628852052,131072 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=22 --launch-time-ticks=703384233356 --mojo-platform-channel-handle=7100 --field-trial-handle=1188,i,9252199297338958574,15112238677628852052,131072 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=23 --launch-time-ticks=703396084186 --mojo-platform-channel-handle=2200 --field-trial-handle=1188,i,9252199297338958574,15112238677628852052,131072 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=24 --launch-time-ticks=703409187765 --mojo-platform-channel-handle=2984 --field-trial-handle=1188,i,9252199297338958574,15112238677628852052,131072 /prefetch:1
"C:\Program Files\Google\Drive File Stream\57.0.5.0\crashpad_handler.exe" --database=C:\Users\zippy\AppData\Local\Google\DriveFS\Crashpad --url=https://clients2.google.com/cr/report --annotation=application=chrome.exe --annotation=prod=DriveFS --annotation=ver=57.0.5.0 --initial-client-data=0x1b64,0x15c0,0x15b4,0x15b0,0x98c,0x7fed3bfd3e0,0x7fed3bfd3f0,0x7fed3bfd400

"C:\Users\zippy\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=41 --launch-time-ticks=703587905259 --mojo-platform-channel-handle=2560 --field-trial-handle=1188,i,9252199297338958574,15112238677628852052,131072 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=42 --launch-time-ticks=703601030015 --mojo-platform-channel-handle=5432 --field-trial-handle=1188,i,9252199297338958574,15112238677628852052,131072 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe52_ Global\UsGthrCtrlFltPipeMssGthrPipe52 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=51 --launch-time-ticks=703704356779 --mojo-platform-channel-handle=8340 --field-trial-handle=1188,i,9252199297338958574,15112238677628852052,131072 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=55 --launch-time-ticks=703721621768 --mojo-platform-channel-handle=8244 --field-trial-handle=1188,i,9252199297338958574,15112238677628852052,131072 /prefetch:1


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-04-04 571456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2021-11-14 984496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-04 234560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-14 157904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2021-11-14 687536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2021-11-14 2595208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveFS"=C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe [2022-04-14 53934992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Smart Cleaning]
C:\Program Files\CCleaner\CCleaner64.exe [2022-01-25 35320448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2012-10-23 3108480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_05A2DD7A5AB557BE38B88C67EC7FFE53]
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2022-04-30 2622352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
c:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1353680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
D:\Steam\steam.exe -silent []

C:\Users\zippy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
RT-Updater-SVO.lnk - C:\Ross-Tech\VCDS SVO 20.4.2\VCDS.exe
RT-Updater.lnk - C:\Ross-Tech\VCDS 20.4.1\VCDS.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-05-22 436224]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rpcnet]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rpcnet]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open -
.scr - install -
.scr - config -
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 month======

2022-05-08 18:02:17 ----D---- C:\Program Files\trend micro
2022-05-08 18:02:16 ----D---- C:\rsit
2022-04-30 14:42:27 ----A---- C:\Windows\system32\WPRO_41_2001woem.tmp
2022-04-15 22:57:27 ----D---- C:\AdwCleaner

======List of files/folders modified in the last 1 month======

2022-05-08 18:06:04 ----D---- C:\Windows\Temp
2022-05-08 18:02:52 ----D---- C:\Windows\Prefetch
2022-05-08 18:02:17 ----RD---- C:\Program Files
2022-05-08 17:50:48 ----D---- C:\Windows\system32\DriverStore
2022-05-08 17:10:29 ----D---- C:\Program Files (x86)\Google
2022-05-08 15:29:17 ----D---- C:\Windows\system32\config
2022-05-08 10:59:41 ----D---- C:\ProgramData\NationAssets
2022-05-08 10:59:41 ----D---- C:\Program Files (x86)\Cisco
2022-05-08 10:36:06 ----SHD---- C:\System Volume Information
2022-05-08 10:02:18 ----A---- C:\Windows\SYSWOW64\log.txt
2022-05-01 12:04:44 ----SHD---- C:\Windows\Installer
2022-05-01 12:04:43 ----SHD---- C:\Config.Msi
2022-05-01 12:04:38 ----D---- C:\Windows\system32\Tasks
2022-05-01 11:58:51 ----D---- C:\Windows\SysWOW64
2022-05-01 00:56:43 ----D---- C:\Windows\System32
2022-04-30 15:24:24 ----D---- C:\Windows\Microsoft.NET
2022-04-30 15:07:54 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2022-04-30 15:06:43 ----D---- C:\Program Files\Common Files\Microsoft Shared
2022-04-30 14:59:12 ----D---- C:\Program Files\Microsoft Office
2022-04-30 14:51:13 ----D---- C:\Windows\inf
2022-04-30 14:51:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2022-04-30 14:42:06 ----A---- C:\Windows\system32\rpcnetp.exe
2022-04-30 14:42:04 ----A---- C:\Windows\SYSWOW64\rpcnet.dll
2022-04-24 15:49:09 ----D---- C:\Windows\winsxs
2022-04-15 23:34:33 ----D---- C:\Windows\system32\catroot
2022-04-15 23:33:33 ----D---- C:\Windows\system32\MRT
2022-04-15 23:02:55 ----AC---- C:\Windows\system32\MRT.exe
2022-04-15 17:08:24 ----D---- C:\Program Files (x86)
2022-04-15 17:04:10 ----D---- C:\Program Files (x86)\Common Files
2022-04-15 17:04:04 ----D---- C:\Windows\system32\drivers
2022-04-15 17:03:37 ----D---- C:\Windows
2022-04-15 17:00:38 ----DC---- C:\Windows\system32\DRVSTORE
2022-04-15 16:57:18 ----AD---- C:\adb
2022-04-15 16:57:05 ----D---- C:\Program Files (x86)\Sonork
2022-04-15 16:53:28 ----D---- C:\Program Files (x86)\Chimera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 assd;assd; C:\Windows\system32\drivers\assd.sys [2012-08-21 31104]
R0 iaStorA;iaStorA; C:\Windows\system32\drivers\iaStorA.sys [2012-09-14 647736]
R0 iaStorF;iaStorF; C:\Windows\system32\drivers\iaStorF.sys [2012-09-14 28216]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-05-20 19264]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 295000]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2018-11-20 564824]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer; C:\Windows\system32\DRIVERS\stdcfltn.sys [2011-07-16 22128]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2018-06-29 516096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2018-11-20 283200]
R1 googledrivefs3758;googledrivefs3758; C:\Windows\system32\DRIVERS\googledrivefs3758.sys [2022-04-13 386632]
R1 NetworkX;NetworkX; C:\Windows\syswow64\ckldrv.sys []
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R3 acpials;ALS Sensor Filter; C:\Windows\system32\DRIVERS\acpials.sys [2009-07-14 9728]
R3 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2012-09-18 17152]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2012-03-15 198144]
R3 DptfDevDram;DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [2012-10-01 107328]
R3 DptfDevFan;DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [2012-10-01 42816]
R3 DptfDevGen;DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [2012-10-01 64832]
R3 DptfDevPch;DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [2012-10-01 96576]
R3 DptfDevProc;DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [2012-10-01 229184]
R3 DptfManager;DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [2012-10-01 363328]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2018-06-17 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2018-06-17 47160]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2011-12-20 358576]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-07-29 309584]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-05-22 14759136]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2012-08-17 20968]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2012-08-17 19944]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-05-25 331264]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\DRIVERS\ISCTD64.sys [2012-08-17 46016]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-05-20 357184]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-05-20 789824]
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys [2012-08-10 25528]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2012-08-05 17280]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-03 62784]
R3 MpKsla829a9a5;MpKsla829a9a5; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7D47614B-E75F-4690-9F10-BF61D6937EB2}\MpKslDrv.sys [2022-05-08 48360]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2012-06-03 11499008]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 135928]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2012-05-21 339088]
R3 ST_ACCEL;STMicroelectronics Accelerometer Service; C:\Windows\system32\DRIVERS\ST_ACCEL.sys [2012-05-21 67184]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2016-02-05 147904]
S0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys []
S1 fkwktvhs;fkwktvhs; \??\C:\Windows\system32\drivers\fkwktvhs.sys []
S2 HOSTNT;HOSTNT; C:\Windows\system32\drivers\HOSTNT.sys []
S2 multikey;Virtual USB MultiKey; C:\Windows\system32\DRIVERS\multikey.sys [2021-01-11 67584]
S2 NSHE;Guardant Emulator Driver; \??\C:\Windows\system32\Drivers\NSHE.SYS []
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2012-03-15 198144]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2019-07-30 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2019-07-30 556032]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2019-07-30 80384]
S3 btmaudio;Intel Bluetooth Audio Service; C:\Windows\system32\drivers\btmaud.sys [2012-05-21 80896]
S3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2012-05-21 111104]
S3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2012-06-10 849408]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 71168]
S3 edicusb;Softing EDIC USB Communication Driver; C:\Windows\system32\DRIVERS\edicusb7x64.sys [2016-03-01 33944]
S3 ew_usbccgpfilter;HwHandSet_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbccgpfilter.sys [2021-11-08 18944]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2016-02-01 110912]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2016-02-01 95168]
S3 HWHandSet;HWUSBSERSP; C:\Windows\system32\DRIVERS\hw_quusbmdm.sys [2021-11-08 226560]
S3 ibtfltcoex;ibtfltcoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2012-07-10 60928]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2012-08-10 35256]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\Windows\syswow64\NSNDIS5.SYS [2004-03-24 17280]
S3 PCASp60;PCASp60 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp60.sys []
S3 qcusbser;Qualcomm USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\qcusbser.sys [2015-07-09 245248]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RT-USB;Ross-Tech USB driver; C:\Windows\system32\drivers\RT-USB64.SYS [2014-05-12 97152]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2015-08-18 35112]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S4 RsFx0153;RsFx0153 Driver; C:\Windows\system32\DRIVERS\RsFx0153.sys [2015-03-30 322736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2021-11-18 169728]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2012-09-11 106880]
R2 AsusFPService;AsusFPService; C:\Program Files (x86)\ASUS\FingerPrint\AsusFPService_x64.exe [2012-09-22 912896]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-22 96896]
R2 BBGate;BBGate DMS-Backbone Service; D:\srv_apps\bbgate\BBGate.exe [2014-03-05 1211392]
R2 BBGate-HTTPD;BBGate-HTTPD; D:\srv_apps\bbgate\Apache.exe [2013-06-20 20480]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-06-19 1095616]
R2 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-06-19 1333184]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-06-19 1124288]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-04-24 135952]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2022-03-28 11138976]
R2 Crypkey License;Crypkey License; C:\Windows\system32\crypserv.exe [2008-05-08 122880]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DptfParticipantProcessorService;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application; C:\Windows\system32\DptfParticipantProcessorService.exe [2012-10-01 30080]
R2 DSAService;Intel(R) Driver & Support Assistant; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [2019-10-16 34664]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-06-26 628016]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-20 634632]
R2 ISCTAgent;ISCT Always Updated Agent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2012-08-17 149032]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-05 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-19 277824]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 119864]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2015-03-30 62382256]
R2 MSSQLSERVER;SQL Server (MSSQLSERVER); c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [2015-03-30 62382256]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-06-26 149296]
R2 ReportServer;SQL Server Reporting Services (MSSQLSERVER); c:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2015-03-30 2194096]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-04-03 146272]
R3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER); c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [2015-03-30 42168]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 361816]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2019-03-28 132792]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2019-03-28 158912]
S2 DptfPolicyConfigTDPService;Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application; C:\Windows\system32\DptfPolicyConfigTDPService.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-14 144200]
S2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe []
S2 intelsba;Intel(R) Small Business Advantage; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [2012-07-12 47368]
S2 rpcnet;Remote Procedure Call (RPC) Net; C:\Windows\SysWOW64\rpcnet.exe [2020-04-04 73232]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-03-28 54912]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-05-22 276248]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-11-18 1369432]
S3 DSAUpdateService;Intel(R) Driver & Support Assistant Updater; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe []
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files (x86)\Google\Chrome\Application\101.0.4951.54\elevation_service.exe [2022-04-30 1600912]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-14 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-12-17 116224]
S3 Intel(R) SUR QC SAM;Intel(R) SUR QC Software Asset Manager; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13 18168]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-06-26 272688]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2002-02-01 265592]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2016-12-27 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2020-12-21 2073888]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-12-07 2429544]
S4 McOobeSv2;McAfee OOBE Service2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2015-07-21 368048]
S4 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2015-07-21 368048]
S4 McSchedulerSvc;McAfee PC Task Scheduler Service; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2015-07-21 368048]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 59744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2015-03-30 442536]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2015-03-30 278704]
S4 SQLSERVERAGENT;SQL Server Agent (MSSQLSERVER); c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [2015-03-30 442536]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118251
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a preventive log check - SLOW PC

#2 Post by Rudy »

Hello!
Please post the FRST+Addition logs. RSIT is not fully compatible with 64-bit systems. Thank you.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

angeldave
Visitor
Posts: 13
Joined: 17 May 2010 08:30

Re: Requesting a preventive log check - SLOW PC

#3 Post by angeldave »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-06-2022 01
Ran by zippy (administrator) on ZIPPY-PC (ASUSTeK COMPUTER INC. B400A) (04-06-2022 10:13:22)
Running from C:\Users\zippy\Desktop
Loaded Profiles: zippy
Platform: Microsoft Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(C:\Program Files (x86)\Google\Update\Install\{94166C86-012B-40DD-9748-297B0B23A3D6}\102.0.5005.63_101.0.4951.67_chrome_updater.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{94166C86-012B-40DD-9748-297B0B23A3D6}\CR_A691D.tmp\setup.exe <2>
(C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe ->) (IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdhost.exe
(explorer.exe ->) (Disc Soft Ltd -> DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <30>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{94166C86-012B-40DD-9748-297B0B23A3D6}\102.0.5005.63_101.0.4951.67_chrome_updater.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\ASUS\FingerPrint\AsusFPService_x64.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe
(services.exe ->) () [File not signed] D:\srv_apps\bbgate\Apache.exe <2>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (CrypKey (Canada) Ltd.) [File not signed] C:\Windows\System32\Crypserv.exe
(services.exe ->) (IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation - Business Client Platform Division -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel(R) Smart Connect software -> ) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(services.exe ->) (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(services.exe ->) (Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(services.exe ->) (Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(services.exe ->) (Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(services.exe ->) (Validity Sensors, Inc.) [File not signed] C:\Windows\System32\vcsFPService.exe
(services.exe ->) (VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(services.exe ->) (VOLKSWAGEN AG) [File not signed] D:\srv_apps\bbgate\BBGate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(taskeng.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\58.0.3.0\GoogleDriveFS.exe [55667088 2022-05-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\58.0.3.0\GoogleDriveFS.exe [55667088 2022-05-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3120791401-419603262-3569886352-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe --startup_mode (No File)
HKU\S-1-5-21-3120791401-419603262-3569886352-1000\...\MountPoints2: F - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3120791401-419603262-3569886352-1000\...\MountPoints2: {12577f27-6a9f-11eb-8851-f48092b56344} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3120791401-419603262-3569886352-1000\...\MountPoints2: {1edd4882-4fc2-11eb-89dd-08606e18a8a4} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3120791401-419603262-3569886352-1000\...\MountPoints2: {1edd48b8-4fc2-11eb-89dd-08606e18a8a4} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3120791401-419603262-3569886352-1000\...\MountPoints2: {5bb22c90-ece1-11e8-8ef4-c8f7336ca29f} - E:\OInstall.exe
HKU\S-1-5-21-3120791401-419603262-3569886352-1000\...\MountPoints2: {85c9b526-01bc-11eb-884f-08606e18a8a4} - 华为手机助手安装向导.exe
HKU\S-1-5-21-3120791401-419603262-3569886352-1000\...\MountPoints2: {a219ce85-950b-11ea-832d-c8f7336ca29b} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3120791401-419603262-3569886352-1000\...\MountPoints2: {b3cf6cec-8cbf-11ec-960e-08606e18a8a4} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3120791401-419603262-3569886352-1000\...\MountPoints2: {b3cf6cfe-8cbf-11ec-960e-08606e18a8a4} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\58.0.3.0\GoogleDriveFS.exe [55667088 2022-05-16] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\hpzppWN7: C:\Windows\System32\spool\prtprocs\x64\hpzppWN7.dll [101376 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\CNAP2 Monitor: C:\Windows\system32\CNAP2LMD.DLL [486400 2012-09-03] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Epson Inbox Language Monitor01: C:\Windows\system32\EP0SLM01.DLL [77824 2009-07-14] (Microsoft Windows -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\101.0.4951.67\Installer\chrmstp.exe [2022-05-28] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2022-04-07] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{0CE326A8-C767-433F-82B9-601B2A27321E}] -> C:\Windows\system32\AsusFPCredentialProvider.dll [2012-09-22] () [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\Users\zippy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RT-Updater-SVO.lnk [2021-10-09]
ShortcutTarget: RT-Updater-SVO.lnk -> C:\Ross-Tech\VCDS SVO 20.4.2\VCDS.exe (Ross-Tech, LLC -> Ross-Tech, LLC)
Startup: C:\Users\zippy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RT-Updater.lnk [2021-06-29]
ShortcutTarget: RT-Updater.lnk -> C:\Ross-Tech\VCDS 20.4.1\VCDS.EXE (Ross-Tech, LLC -> Ross-Tech, LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0643BCDB-A9D9-426E-9E4D-24B3ADE03E5D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614336 2022-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {135535C8-87DC-49D7-A74C-6A6F740C9D6D} - System32\Tasks\GoogleUpdateTaskMachineCore{AE6DF576-7FA7-4A59-B2DE-0CBA3D08FD52} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-14] (Google Inc -> Google Inc.)
Task: {18492137-DC19-480D-B1F5-F32DCA8583E9} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {25DCCC94-2C25-4905-A720-8CECF9155877} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614336 2022-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {341F4081-BD7A-4B52-A210-E828B1E59A8A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158752 2022-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F6CA75B-AE11-4062-A832-52EAA2AE782B} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {41465486-A1F1-4FAA-971E-188DFC961961} - System32\Tasks\{FBE65720-74A3-46C9-8FFE-EDFB6F691276} => C:\Windows\system32\pcalua.exe -a "C:\Users\zippy\Downloads\Huawei_Android_phone_drivers\Huawei Android phone drivers\DriverSetup.exe" -d "C:\Users\zippy\Downloads\Huawei_Android_phone_drivers\Huawei Android phone drivers"
Task: {554ED453-7B86-46F4-9F93-E3048A84F2EE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158752 2022-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C80FDDF-E975-4694-B471-6F2B4B7F9C1D} - System32\Tasks\GoogleUpdateTaskMachineUA{163BD96A-C5C9-4028-A12E-59D4998602C8} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-14] (Google Inc -> Google Inc.)
Task: {B46545DA-BAF2-4AD9-8ADA-BE67C3644E88} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [160680 2022-05-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {C35DA3D0-B5AD-4D23-A947-7C002497BDC1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [160680 2022-05-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {D85FE754-5673-44D6-BB0D-14CDF4EF8B2F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20 8.8.8.8
Tcpip\..\Interfaces\{132EF034-57AE-4B13-8DC5-8596BB8B0D63}: [DhcpNameServer] 10.255.255.10 10.255.255.20 8.8.8.8
Tcpip\..\Interfaces\{97F296BA-EF48-4F4C-BAD8-75275EC90D86}: [DhcpNameServer] 10.255.255.10 10.255.255.20 8.8.8.8

Edge:
=======
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => not found
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => not found
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default [2022-06-04]
CHR Notifications: Default -> hxxp://router.asus.com; hxxps://p7.regardensy.mobi; hxxps://www.facebook.com; hxxps://www.google.cz; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2015-08-14]
CHR Extension: (Cultures Online) - C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbdgmikfnklbopkafjgbcejoiipemkl [2015-08-14]
CHR Extension: (Full Screen Weather) - C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2015-08-14]
CHR Extension: (Facebook for Chrome) - C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2015-08-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-08]
CHR Extension: (Ubiquiti Device Discovery Tool) - C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmpigflbjeapnknladcfphgkemopofig [2019-01-26]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-06-04]
CHR Extension: (Google Translate) - C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfhgpjbcoignfibliobpclhpfnadhofn [2022-02-13]
CHR Extension: (Quick Earth) - C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khodocggeplgfhppgagfdpbjkniadmdh [2015-08-14]
CHR Extension: (3D Solar System Web) - C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaaepplopehigjgkolniddiadbbkphd [2015-08-14]
CHR Extension: (Typing Game) - C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mobfbeogeanchbdhboilncgnkfkibjjg [2015-08-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-06]
CHR Extension: (convert2mp3.net Online Video Converter) - C:\Users\zippy\Downloads\convert2mp3_chrome_addon-2.4\convert2mp3_video_converter_2.4 [2014-12-18] [UpdateUrl:hxxp://convert2mp3.net/misc/chrome_update.xml] <==== ATTENTION
CHR Profile: C:\Users\zippy\AppData\Local\Google\Chrome\User Data\System Profile [2022-02-13]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AsusFPService; C:\Program Files (x86)\ASUS\FingerPrint\AsusFPService_x64.exe [912896 2012-09-22] () [File not signed]
R2 BBGate; D:\srv_apps\bbgate\BBGate.exe [1211392 2014-03-05] (VOLKSWAGEN AG) [File not signed]
R2 BBGate-HTTPD; D:\srv_apps\bbgate\Apache.exe [20480 2013-06-20] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11139024 2022-05-03] (Microsoft Corporation -> Microsoft Corporation)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-21] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
R2 Crypkey License; C:\Windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369432 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [30080 2012-10-01] (Intel Corporation -> Intel Corporation)
S4 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2429544 2011-12-07] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
R2 intelsba; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [47368 2012-07-12] (Intel Corporation - Business Client Platform Division -> Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [149032 2012-08-17] (Intel(R) Smart Connect software -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8524512 2022-05-08] (Malwarebytes Inc. -> Malwarebytes)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc. -> McAfee, Inc.)
S4 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc. -> McAfee, Inc.)
S4 McSchedulerSvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc. -> McAfee, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [62382256 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
R3 MSSQLFDLauncher; c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [42168 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLSERVER; c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [62382256 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 ReportServer; c:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2194096 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
S4 SQLSERVERAGENT; c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
R2 UsbService; C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe [334848 2010-08-10] () [File not signed]
R2 vcsFPService; C:\Windows\system32\vcsFPService.exe [2248192 2012-09-11] (Validity Sensors, Inc.) [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-09-14] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
S4 WorkshopDBService; C:\Program Files (x86)\Vivid WorkshopData ATI\WorkshopDBServer.exe [114688 2019-02-05] (Acresso) [File not signed]
S2 AMPPALR3; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [X]
S2 DptfPolicyConfigTDPService; %SystemRoot%\system32\DptfPolicyConfigTDPService.exe [X]
S3 DSAUpdateService; "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe" [X]
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [198144 2012-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [198144 2012-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R0 assd; C:\Windows\System32\Drivers\assd.sys [31104 2012-08-21] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 athr; C:\Windows\System32\DRIVERS\athrx.sys [1394688 2009-06-20] (Microsoft Windows -> Atheros Communications, Inc.)
S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [80896 2012-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Solutions, Inc.)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [111104 2012-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [849408 2012-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Solutions, Inc.)
R3 DptfDevDram; C:\Windows\System32\DRIVERS\DptfDevDram.sys [107328 2012-10-01] (Intel Corporation -> Intel Corporation)
R3 DptfDevFan; C:\Windows\System32\DRIVERS\DptfDevFan.sys [42816 2012-10-01] (Intel Corporation -> Intel Corporation)
R3 DptfDevGen; C:\Windows\System32\DRIVERS\DptfDevGen.sys [64832 2012-10-01] (Intel Corporation -> Intel Corporation)
R3 DptfDevPch; C:\Windows\System32\DRIVERS\DptfDevPch.sys [96576 2012-10-01] (Intel Corporation -> Intel Corporation)
R3 DptfDevProc; C:\Windows\System32\DRIVERS\DptfDevProc.sys [229184 2012-10-01] (Intel Corporation -> Intel Corporation)
R3 DptfManager; C:\Windows\System32\DRIVERS\DptfManager.sys [363328 2012-10-01] (Intel Corporation -> Intel Corporation)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2018-06-17] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47160 2018-06-17] (Disc Soft Ltd -> Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2018-11-20] (DT Soft Ltd -> DT Soft Ltd)
S3 edicusb; C:\Windows\System32\DRIVERS\edicusb7x64.sys [33944 2016-03-01] (Softing AG -> Softing Automotive Electronics GmbH)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 googledrivefs3758; C:\Windows\System32\DRIVERS\googledrivefs3758.sys [386632 2022-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S2 HOSTNT; C:\Windows\SysWow64\Drivers\HOSTNT.sys [4032 2019-07-17] () [File not signed]
S3 HWHandSet; C:\Windows\System32\DRIVERS\hw_quusbmdm.sys [226560 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [17280 2012-08-05] (ASUSTeK Computer Inc. -> )
S3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [57344 2009-06-10] (Microsoft Windows -> Atheros Communications, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2022-05-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239560 2022-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S2 multikey; C:\Windows\System32\DRIVERS\multikey.sys [67584 2021-01-11] (NGO -> Chingachguk & Denger2k (Elite & SP edition))
R1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] (CrypKey (Canada) Inc. -> )
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S2 NSHE; C:\Windows\SysWOW64\Drivers\NSHE.SYS [98816 2013-05-22] (NGO -> T0r0 2008) [File not signed]
S3 NSNDIS5; C:\Windows\SysWOW64\NSNDIS5.SYS [17280 2004-03-24] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [245248 2015-07-09] (QUALCOMM Incorporated) [File not signed]
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
S3 RT-USB; C:\Windows\System32\drivers\RT-USB64.SYS [97152 2014-05-12] (Ross-Tech, LLC -> Ross-Tech LLC)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2018-11-20] (Duplex Secure Ltd -> Duplex Secure Ltd.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [22128 2011-07-16] (STMicroelectronics -> ST Microelectronics)
S3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [48096 2012-08-10] (Intel Wireless Display -> Windows (R) Win 7 DDK provider)
S1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [121824 2016-07-21] (Oracle Corporation -> Oracle Corporation)
U5 vsock; C:\Windows\System32\Drivers\vsock.sys [103736 2019-08-14] (VMware, Inc. -> VMware, Inc.)
R3 vuhub; C:\Windows\System32\DRIVERS\vuhub.sys [47616 2007-12-17] (Eltima Software -> )
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2022-06-04] (Intel(R) Smart Connect software -> )
S3 XHCIPort; C:\Windows\System32\DRIVERS\XHCIPort.sys [188384 2012-08-10] (Intel Wireless Display -> Windows (R) Win 7 DDK provider)
S0 edevmon; system32\DRIVERS\edevmon.sys [X]
S1 fkwktvhs; \??\C:\Windows\system32\drivers\fkwktvhs.sys [X]
S3 PCASp60; System32\Drivers\PCASp60.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-04 10:13 - 2022-06-04 10:18 - 000034495 _____ C:\Users\zippy\Desktop\FRST.txt
2022-06-04 10:12 - 2022-06-04 10:16 - 000000000 ____D C:\FRST
2022-06-04 10:11 - 2022-06-04 10:12 - 002368000 _____ (Farbar) C:\Users\zippy\Desktop\FRST64.exe
2022-06-04 09:29 - 2022-06-04 09:29 - 000094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2022-05-28 22:10 - 2022-05-28 22:10 - 000002470 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio 2016.lnk
2022-05-28 22:10 - 2022-05-28 22:10 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2022-05-28 22:10 - 2022-05-28 22:10 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2022-05-28 22:10 - 2022-05-28 22:10 - 000002422 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 2016.lnk
2022-05-28 22:10 - 2022-05-28 22:10 - 000002417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2022-05-28 22:10 - 2022-05-28 22:10 - 000002412 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2022-05-28 22:10 - 2022-05-28 22:10 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2022-05-28 22:10 - 2022-05-28 22:10 - 000002338 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2022-05-28 22:10 - 2022-05-28 22:10 - 000002334 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2022-05-28 22:10 - 2022-05-28 22:10 - 000002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2022-05-28 22:10 - 2022-05-28 22:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2022-05-08 18:16 - 2022-05-08 18:16 - 000000000 ____D C:\Users\zippy\AppData\Local\mbam
2022-05-08 18:13 - 2022-05-08 18:13 - 000001966 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-05-08 18:13 - 2022-05-08 18:13 - 000001954 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-05-08 18:12 - 2022-06-04 09:31 - 000239560 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-05-08 18:12 - 2022-05-08 18:12 - 000223176 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-05-08 18:11 - 2022-05-08 18:10 - 000103888 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-05-08 18:09 - 2022-05-08 18:09 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-05-08 18:09 - 2022-05-08 18:09 - 000000000 ____D C:\Program Files\Malwarebytes
2022-05-08 18:06 - 2022-05-08 18:07 - 002443448 _____ (Malwarebytes) C:\Users\zippy\Desktop\MBSetup-119181.119181-consumer.exe
2022-05-08 18:02 - 2022-05-08 18:07 - 000000000 ____D C:\rsit
2022-05-08 18:02 - 2022-05-08 18:06 - 000000000 ____D C:\Program Files\trend micro
2022-05-08 18:01 - 2022-05-08 18:01 - 001222144 _____ C:\Users\zippy\Desktop\RSITx64.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-04 10:10 - 2015-08-14 23:28 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-04 09:53 - 2009-07-14 06:45 - 000025216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-06-04 09:53 - 2009-07-14 06:45 - 000025216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-06-04 09:29 - 2009-01-02 07:10 - 000034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2022-06-04 09:28 - 2016-09-05 18:35 - 000073232 _____ (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.dll
2022-06-04 09:28 - 2009-01-02 06:41 - 000017408 _____ C:\Windows\system32\rpcnetp.exe
2022-06-04 09:26 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-05-29 00:25 - 2015-08-24 23:28 - 000000000 ____D C:\Windows\system32\MRT
2022-05-28 23:27 - 2015-08-14 23:30 - 000002190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-05-28 23:10 - 2015-08-24 23:28 - 145501456 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-05-28 22:08 - 2015-08-17 10:45 - 000000000 ____D C:\Program Files\Microsoft Office
2022-05-28 21:58 - 2021-10-20 18:57 - 000002014 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-05-28 21:58 - 2021-09-30 15:31 - 000001860 _____ C:\Users\Default\Desktop\Google Slides.lnk
2022-05-28 21:58 - 2021-09-30 15:31 - 000001860 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2022-05-28 21:58 - 2021-09-30 15:31 - 000001848 _____ C:\Users\Default\Desktop\Google Docs.lnk
2022-05-08 19:13 - 2021-03-17 00:01 - 000000000 ____D C:\Windows\system32\Tasks\MEGA
2022-05-08 19:13 - 2020-03-24 15:24 - 000000000 ____D C:\Program Files (x86)\TNod
2022-05-08 19:13 - 2016-09-10 16:59 - 000000000 ____D C:\Users\zippy\Downloads\GoogleSketchUpPro 8
2022-05-08 19:07 - 2021-04-04 14:19 - 000000000 ____D C:\Users\zippy\Downloads\xiaomi 4a unlock
2022-05-08 10:59 - 2017-09-17 14:27 - 000000000 ____D C:\ProgramData\NationAssets
2022-05-08 10:59 - 2009-01-02 07:01 - 000000000 ____D C:\Program Files (x86)\Cisco

==================== Files in the root of some directories ========

2019-07-17 12:15 - 2019-07-17 12:15 - 000000000 _____ () C:\Program Files (x86)\appl.log
2016-04-07 13:57 - 2016-04-07 13:57 - 000000600 _____ () C:\Users\zippy\AppData\Roaming\winscp.rnd
2015-08-18 08:16 - 2022-02-13 12:50 - 000000128 _____ () C:\Users\zippy\AppData\Local\PUTTY.RND
2019-03-02 22:02 - 2019-03-02 22:02 - 000007605 _____ () C:\Users\zippy\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2022-05-08 20:42
==================== End of FRST.txt ========================

angeldave
Visitor
Posts: 13
Registered: 17 May 2010 08:30

Re: Requesting a preventive log check - SLOW PC

#4 Post by angeldave »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-06-2022 01
Ran by zippy (04-06-2022 10:20:44)
Running from C:\Users\zippy\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X64) (2015-08-14 18:32:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3120791401-419603262-3569886352-500 - Administrator - Disabled)
Guest (S-1-5-21-3120791401-419603262-3569886352-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3120791401-419603262-3569886352-1005 - Limited - Enabled)
zippy (S-1-5-21-3120791401-419603262-3569886352-1000 - Administrator - Enabled) => C:\Users\zippy

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
ASUS AlwaysLive (HKLM-x32\...\{47648543-9411-4E38-B24F-AA9186FAAEF2}) (Version: 1.0.1 - ASUS)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0014 - ASUS)
ASUS FingerPrint (HKLM-x32\...\{3C8ABBCF-EADC-4BD7-AD10-5D48B2A8A332}) (Version: 1.0.5 - ASUSTek Computer Inc.)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.2 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.6.8 - ASUSTeK COMPUTER INC.)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.2.2 - ASUS)
ASUS Secure Delete (HKLM\...\{761C6783-D3BC-48AB-8E7C-61CE918A8436}) (Version: 1.00.0012 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS Wireless Router Device Discovery Utility (HKLM-x32\...\{09CDCA35-23FF-4ED6-AFDA-BBD55235CE4B}) (Version: 1.4.7.2 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.10.168 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0023 - ASUS)
Auto-diagnostika (HKLM-x32\...\{96A08A55-6F13-4105-B794-472801453427}) (Version: 1.0.0 - AutoComSoft s.r.o)
Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.)
Balíček ovladače systému Windows - AVL DiTEST (VAS6356) Net (06/01/2011 3.14.3.6) (HKLM\...\977056345FBDB7C834B41705C11ADE45A26FA056) (Version: 06/01/2011 3.14.3.6 - AVL DiTEST)
Balíček ovladače systému Windows - FTDI CDM Driver Package - Bus/D2XX Driver (01/18/2013 2.08.28) (HKLM\...\9E24492CE9279512BD465F61DB8523641BB7BBFC) (Version: 01/18/2013 2.08.28 - FTDI)
Balíček ovladače systému Windows - FTDI CDM Driver Package - Bus/D2XX Driver (10/28/2015 2.12.10) (HKLM\...\12D44995952AE7F32773C9692DF0FC7C18D8780F) (Version: 10/28/2015 2.12.10 - FTDI)
Balíček ovladače systému Windows - FTDI CDM Driver Package - VCP Driver (01/18/2013 2.08.28) (HKLM\...\E61B77ECE57113AE1CA028BC7A8AD6C137BD13DD) (Version: 01/18/2013 2.08.28 - FTDI)
Balíček ovladače systému Windows - FTDI CDM Driver Package - VCP Driver (10/28/2015 2.12.10) (HKLM\...\9A46F8D76A417B6410313C6EA2772D42E3F5B88B) (Version: 10/28/2015 2.12.10 - FTDI)
Balíček ovladače systému Windows - Ross-Tech USB Driver Package (05/12/2014 2.10.00) (HKLM\...\88B02C4BD09AA7910C55C4E74BE8F036244B5CF9) (Version: 05/12/2014 2.10.00 - Ross-Tech)
Balíček ovladače systému Windows - Ross-Tech USB Driver Package (05/12/2014 2.10.00) (HKLM\...\F99E6C5A14B5EBAB27FDFE2637878DF8208069E7) (Version: 05/12/2014 2.10.00 - Ross-Tech)
Balíček ovladače systému Windows - Ross-Tech USB Driver Package (06/16/2010 2.06.02) (HKLM\...\F2D626F9A8E5C6126BED6EBD3E3504D0B2AB8443) (Version: 06/16/2010 2.06.02 - Ross-Tech)
Black & White® 2 (HKLM-x32\...\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}) (Version: 1.00.0000 - Lionhead Studios)
Caesar 3 (HKLM-x32\...\GOGPACKCAESAR3_is1) (Version: 2.0.0.9 - GOG.com)
Canon LBP3010/LBP3018/LBP3050 (HKLM\...\Canon LBP3010/LBP3018/LBP3050) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.89 - Piriform)
CDSM Designer (HKLM-x32\...\CDSM_CDSM Designer) (Version: - )
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Counter-Strike 1.6 (HKLM-x32\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - )
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version: - )
CPUID CPU-Z 1.98 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.98 - CPUID, Inc.)
Crash Bandicoot 2 version 1.9.0 (HKLM-x32\...\{6A17D308-CA80-4423-8EAB-4CBB645DBEC4}_is1) (Version: 1.9.0 - )
Crash Bandicoot 3 version 1.9.0 (HKLM-x32\...\{C44E0661-5603-4F83-B85D-4092248E2DFB}_is1) (Version: 1.9.0 - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0112 - Disc Soft Ltd)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
Diablo II CZ verze 1.13c (HKLM-x32\...\{F380060E-D8AC-4823-91B8-71B9054C8DD2}_is1) (Version: 1.13c - )
DiskGenius 5.1.2 (HKLM\...\{2661F2FA-56A7-415D-8196-C4CB3D3ACFFE}_is1) (Version: - Eassos Co., Ltd.)
ETDWare PS/2-X64 11.5.0.9_WHQL (HKLM\...\Elantech) (Version: 11.5.0.9 - ELAN Microelectronic Corp.)
Expendable (HKLM-x32\...\1207658789_is1) (Version: 1.0 - GOG.com)
FastShare.cz verze 2.3.1 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.3.1 - )
Firefox portable - TV (HKLM-x32\...\{7E2E3B95-8D35-4C23-9BFE-442044F05B33}) (Version: 1.26.11.14 - Starnet s.r.o.)
FormApps Signing Extension (HKLM-x32\...\{ACA43D91-8B42-4D42-8C8B-A893BD6AA40D}) (Version: 2.8.2.28 - Software602 a.s.)
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GDR 4042 for SQL Server 2008 R2 (KB3045313) (64-bit) (HKLM\...\KB3045313) (Version: 10.52.4042.0 - Microsoft Corporation)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 58.0.3.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 101.0.4951.67 - Google LLC)
HellShare Upload Client verze 2.0 (HKLM-x32\...\{D23B94EF-3D81-4EC7-B826-EF3D07F8C7AF}_is1) (Version: 2.0 - HellShare.com)
Heroes of Might and Magic III Complete HD verze 4.203 RC3 (HKLM-x32\...\{9C248150-24CA-45DF-8A4E-632BD270D09D}_is1) (Version: 4.203 RC3 - )
Heroes of Might and Magic IV Gold verze 3.0c (HKLM-x32\...\{67FA88C6-ECC7-45AD-9615-3FB4AFE3E131}_is1) (Version: 3.0c - )
Heroes of Might and Magic V with Hammers of Fate (HKLM-x32\...\1207661143_is1) (Version: 2.1.0.22 - GOG.com)
HID OMNIKEY 3x2x PC/SC Driver (HKLM-x32\...\{8C825A17-A0F6-48AE-8DAE-A9FAC5999510}) (Version: 1.2.24.27 - HID Global Corporation)
Intel Driver && Support Assistant (HKLM-x32\...\{6B913517-E442-4045-A3A6-4C9EC4C4F0CC}) (Version: 19.10.42.4 - Intel) Hidden
Intel PROSet Wireless (HKLM\...\ProInst) (Version: - ) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.6.1082 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.8 - Intel)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2752 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{BEE86606-EFB5-4353-9F34-29E0C59CDCFA}) (Version: 15.2.0.0284 - Intel Corporation)
Intel(R) Small Business Advantage (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 1.1.22.3687 - Intel(R) Corporation)
Intel(R) Smart Connect Technology 3.0 x64 (HKLM\...\{DE788AD4-F7CE-4995-ADF8-56174A7B613C}) (Version: 3.0.41.1571 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{608E1B9B-A2E8-4A1F-8BAB-874EB0DD25E3}) (Version: 1.0.0.34813 - Intel Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{d42c99b5-286f-435f-8ba8-367bd9cffb1b}) (Version: 19.10.42.4 - Intel)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{181BBF43-CA17-4E1A-A78D-81E67A57B8A4}) (Version: 15.02.0000.1258 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{977D1ABF-4089-4CA7-BA33-CC75808B7ACE}) (Version: 1.24.738.1 - Intel Corporation) Hidden
Malwarebytes version 4.5.9.198 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.9.198 - Malwarebytes)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3120791401-419603262-3569886352-1000\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need for Speed Underground 2 verze 1.2 (HKLM-x32\...\{6B8B33B2-6227-4912-9173-0A1F32535CF7}_is1) (Version: 1.2 - )
Network Stumbler 0.4.0 (remove only) (HKLM-x32\...\Network Stumbler) (Version: - )
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12527.22121 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12527.22121 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12527.22121 - Microsoft Corporation) Hidden
OldSchool RuneScape Launcher 1.2.7 (HKLM-x32\...\{FEDDCE73-34B8-4980-90B8-8619A78C902C}) (Version: 1.2.7 - Jagex Ltd)
OpenOffice 4.1.2 (HKLM-x32\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Patch 1.00 (HKLM-x32\...\Patch 1.00) (Version: 1.00 - Patch)
Pharaoh Gold (HKLM-x32\...\1207659046_is1) (Version: 2.1.0.15 - GOG.com)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.1.312 - Jan Fiala)
qBittorrent 4.3.2 (HKLM-x32\...\qBittorrent) (Version: 4.3.2 - The qBittorrent project)
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.28117 - Realtek Semiconductor Corp.)
RuneScape Launcher 2.2.4 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.4 - Jagex Ltd)
SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.16 - ASUS)
SD Card Formatter (HKLM-x32\...\{A61131DC-B92D-4AD8-A925-E2D6D5FE217C}) (Version: 5.0.1 - SD Association)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Softing D-PDU API V1.20.042 EDIC_D_PDU_API_OS (HKLM-x32\...\Softing D-PDU API V1.20.042 EDIC_D_PDU_API_OS) (Version: 1.20.042 - Softing Automotive Electronics GmbH)
SQL Server 2008 R2 Reporting Services (HKLM\...\{0C270C59-8706-42B8-A2AD-6E5EE18BC90B}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 BI Development Studio (HKLM\...\{1330309E-64D3-43F4-AA18-BC856182B5DB}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 BI Development Studio (HKLM\...\{312E8540-0799-45D5-A02E-DFB8FCA93CCA}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{2E81ADBE-DED7-4B54-9C8D-FBD885C259C5}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{5318020E-E32C-4A33-BC8D-EEF5CC2F6CA1}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{9FFAE13C-6160-4DD0-A67A-DAC5994F81BD}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{A06F883B-5E97-486F-BD22-7EAB77E8F701}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FA7394B8-CE65-4F9E-AC99-F372AD365424}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FBD367D1-642F-47CF-B79B-9BE48FB34007}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{A2122A9C-A699-4365-ADF8-68FEAC125D61}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{C942A025-A840-4BF2-8987-849C0DD44574}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Full text search (HKLM\...\{9E9A647A-7AB5-40BF-9D0B-329451770077}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Management Studio (HKLM\...\{51E5BC99-A087-4CFF-8D93-462903EA7E12}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Management Studio (HKLM\...\{72AB7E6F-BC24-481E-8C45-1AB5B3DD795D}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Reporting Services (HKLM\...\{2453DBC8-ACC4-4711-BD03-0C15353AA3D8}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM\...\{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.07.0031 - ST Microelectronics)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
STORMWARE POHODA Start CZ (HKLM-x32\...\{6531FE3F-206A-4683-BA0A-3AC2CD746021}) (Version: 11500.110 - STORMWARE)
The Settlers II - 10th Anniversary (HKLM-x32\...\GOGPACKSETTLERS210TH_is1) (Version: 2.0.0.8 - GOG.com)
TmUnitedForever (HKLM-x32\...\TmUnitedForever_is1) (Version: - Nadeo)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0 - Ghisler Software GmbH)
Total Commander 8.51 Final Multilingual Full Version + Patch 8.51 (HKLM-x32\...\Total Commander 8.51 Final Multilingual Full Version + Patch 8.51) (Version: 8.51 - Total Commander)
UndeleteMyFiles Pro (HKLM-x32\...\UndeleteMyFiles Pro_is1) (Version: - SeriousBit)
Uplink (HKLM-x32\...\GOGPACKUPLINK_is1) (Version: 2.0.0.5 - GOG.com)
VAG CAN Professional version 5.0.4 (HKLM-x32\...\VAG CAN Professional_is1) (Version: 5.0.4 - )
Validity Sensors PBA DDK (HKLM\...\{6BCFA58F-AB31-4BB4-8999-5603ADE3B7C4}) (Version: 4.4.210.5 - Validity Sensors, Inc.)
VAS 6154 Driver Package 2.0.10.110 (HKLM-x32\...\VAS6154 RNDIS USB Driver_is1) (Version: 2.0.10.110 - Volkswagen AG)
VAS 6356 ODIS 2020 (HKLM-x32\...\{B3C5AF3B-63A8-4803-A89B-D6DDFA5A5F5A}) (Version: 1.19.0005 - AVL DiTEST GmbH)
VAS 6558 - 6558A ODIS 2020 (HKLM-x32\...\{4F917E7C-4EF8-4881-818F-8D8992D83FF0}) (Version: 1.18.0005 - AVL DiTEST GmbH)
VCDS Release 21.3.0 (HKLM-x32\...\VCDS Release) (Version: 21.3.0 - Ross-Tech)
VCDS SVO 19.6 (HKLM-x32\...\VCDS SVO) (Version: SVO 19.6.2 - Ross-Tech, LLC)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Viber (HKLM-x32\...\{1136C29D-BAFD-4D56-9594-DF24428B85EE}) (Version: 6.9.1.77 - Viber Media Inc.) Hidden
VIIPlusLoader 08.021.05 (HKLM-x32\...\VIIPlusLoader) (Version: 08.021.05 - ABCXX)
Vivid WorkshopData ATI (HKLM-x32\...\Vivid WorkshopData ATI) (Version: 8.3.0.1 - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
VW D-PDU API (XS_D_PDU_API_OS) (HKLM-x32\...\XS_D_PDU_API_OS_is1) (Version: 21.2.0 - Volkswagen AG)
VW-MCD MCD-Kernel 14.0.0 (HKLM-x32\...\Uninstall VW-MCD MCD-Kernel 14.0.0_is1) (Version: 14.0.0 - VW)
VW-MCD MCD-Kernel 14.0.0 Installation #2 (HKLM-x32\...\Uninstall VW-MCD MCD-Kernel 14.0.0 Installation #2_is1) (Version: 14.0.0 - VW)
VW-MCD ODX-Converter 14.0.0 (HKLM-x32\...\Uninstall VW-MCD ODX-Converter 14.0.0_is1) (Version: 14.0.0 - VW)
VW-MCD ODX-Converter 14.0.0 Installation #2 (HKLM-x32\...\Uninstall VW-MCD ODX-Converter 14.0.0 Installation #2_is1) (Version: 14.0.0 - VW)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.7.557 - ASUS Cloud Corporation)
Wi-Fi Scanner version 3.4.0.121 (HKLM-x32\...\Wi-Fi Scanner_is1) (Version: 3.4.0.121 - LizardSystems)
Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 5.61 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
WinSCP 5.7.7 (HKLM-x32\...\winscp3_is1) (Version: 5.7.7 - Martin Prikryl)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.35 - ASUS)
Wondershare Data Recovery(Build 4.3.1.6) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 4.3.1.6 - Wondershare Software Co.,Ltd.)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3120791401-419603262-3569886352-1000_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.7.557\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.7.557\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.7.557\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DaemonShellExtImage] -> {40966797-8FFE-46C8-9EF8-7003F33CCF0F} => C:\Program Files (x86)\DAEMON Tools Pro\DTShl64.dll [2012-10-23] (Disc Soft Ltd -> DT Soft Ltd)
ContextMenuHandlers1: [DataSanitizerShellExtObj] -> {35595751-F655-4A14-90AB-C2EC32780F41} => C:\Program Files (x86)\Common Files\ASUS\Secure Delete\ASUS Secure Delete ShellExt.dll [2012-08-21] (ASUSTeK Computer Inc. -> TODO: <Company name>)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDrive] -> {A5415364-784A-41A5-B47A-D452909CA8FF} => C:\Program Files (x86)\DAEMON Tools Pro\DTShl64.dll [2012-10-23] (Disc Soft Ltd -> DT Soft Ltd)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.2.7.557\ASUSWSContextMenu.dll [2016-03-15] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-08] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DataSanitizerShellExtObj] -> {35595751-F655-4A14-90AB-C2EC32780F41} => C:\Program Files (x86)\Common Files\ASUS\Secure Delete\ASUS Secure Delete ShellExt.dll [2012-08-21] (ASUSTeK Computer Inc. -> TODO: <Company name>)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-08] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3120791401-419603262-3569886352-1000: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\zippy\Desktop\starnet\Firefox Portable - TV.lnk -> C:\Program Files (x86)\Firefox portable - TV\FirefoxPortable.exe (PortableApps.com)
ShortcutWithArgument: C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_hmpigflbjeapnknladcfphgkemopofig\Ubiquiti Device Discovery Tool.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hmpigflbjeapnknladcfphgkemopofig
ShortcutWithArgument: C:\Users\zippy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Ubiquiti Device Discovery Tool.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hmpigflbjeapnknladcfphgkemopofig

==================== Loaded Modules (Whitelisted) =============

2018-11-20 18:23 - 2018-11-19 16:53 - 000002560 _____ () [File not signed] C:\Program Files (x86)\DAEMON Tools Pro\MSIMG32.dll
2021-01-21 00:15 - 2013-06-20 10:36 - 000299008 _____ () [File not signed] D:\srv_apps\bbgate\ApacheCore.dll
2012-04-24 03:21 - 2012-04-24 03:21 - 000333312 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\BluetoothHS\BTHSSupplicant.dll
2012-03-15 16:00 - 2012-03-15 16:00 - 000105472 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\BluetoothHS\UsR3IoPort.dll
2012-08-17 06:33 - 2012-08-17 06:33 - 002207744 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\LServ.dll
2003-03-18 22:23 - 2003-03-18 22:23 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\1029\mdmui.dll
2021-01-21 00:35 - 2021-01-21 00:35 - 000113664 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_8a1a02152edb659b\ATL80.DLL
2012-09-11 17:40 - 2012-09-11 17:40 - 000569344 _____ (Validity Sensors, Inc.) [File not signed] C:\Windows\system32\vcsFPClient.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rpcnet => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rpcnet => ""="Service"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\.scr: => <==== ATTENTION

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3120791401-419603262-3569886352-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3120791401-419603262-3569886352-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKU\S-1-5-21-3120791401-419603262-3569886352-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3120791401-419603262-3569886352-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-04-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-10-03 18:57 - 2022-02-13 12:50 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\;C:\Program Fil
HKU\S-1-5-21-3120791401-419603262-3569886352-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\zippy\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.255.255.10 - 10.255.255.20
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: IconMan_R => 2
MSCONFIG\Services: mcpltsvc => 3
MSCONFIG\Services: McSchedulerSvc => 2
MSCONFIG\Services: WorkshopDBService => 2
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: GoogleChromeAutoLaunch_05A2DD7A5AB557BE38B88C67EC7FFE53 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: Steam => "D:\Steam\steam.exe" -silent

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{2BE6E737-233A-4225-AC1F-2A349ED4A902}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{48E228F9-6D6D-4EEA-92E5-32B6B6FF7FED}] => (Allow) LPort=2869
FirewallRules: [{2BF3935E-0230-49B0-98B3-E675E577098E}] => (Allow) LPort=1900
FirewallRules: [{1BD0E0D6-B221-4E50-92E3-129534FA31FE}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{6EB5C4BD-A1E4-4FA0-874C-E375F2F867EF}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe (Intel Wireless Display -> Intel Corporation)
FirewallRules: [{0119894D-9E9F-47D4-ADBC-13810A996FAE}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{04CDC641-CF38-4970-9A8D-1DAC1901A314}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{EB810048-6024-4E8F-903D-D25113C32327}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{81B5CEC2-2AF5-4AD6-A1E9-2B45B021197C}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [TCP Query User{2BA34A87-82AE-4316-AD76-BD20C8572ED5}\\dave-pc\filmy\logiciel de scan - windows\ipcam3.6.exe] => (Allow) \\dave-pc\filmy\logiciel de scan - windows\ipcam3.6.exe => No File
FirewallRules: [UDP Query User{CF26E233-1A4C-4407-97F6-B51BC1FEFFC1}\\dave-pc\filmy\logiciel de scan - windows\ipcam3.6.exe] => (Allow) \\dave-pc\filmy\logiciel de scan - windows\ipcam3.6.exe => No File
FirewallRules: [TCP Query User{F201442A-9C37-415B-AC42-64FEF775EA41}D:\winbox.exe] => (Allow) D:\winbox.exe => No File
FirewallRules: [UDP Query User{E93EADFC-96D7-4DE3-9A1A-D46F487C952D}D:\winbox.exe] => (Allow) D:\winbox.exe => No File
FirewallRules: [TCP Query User{D799B948-6D2E-4C71-B978-B4166EA169ED}D:\hry\tmunitedforever\tmforever.exe] => (Allow) D:\hry\tmunitedforever\tmforever.exe () [File not signed]
FirewallRules: [UDP Query User{BCB8C6A6-61B9-411A-BE25-4925C4981A91}D:\hry\tmunitedforever\tmforever.exe] => (Allow) D:\hry\tmunitedforever\tmforever.exe () [File not signed]
FirewallRules: [{435D3954-F3D6-460F-A861-DA95BB238C24}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{A18EE0BC-51B8-4581-B91B-8B93498B2B3A}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [TCP Query User{2731AD98-5B47-4FE6-B368-E62669F7E11E}C:\hry\valve\hl.exe] => (Allow) C:\hry\valve\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{BC727FDF-9127-4FD0-95C0-16CD1781660A}C:\hry\valve\hl.exe] => (Allow) C:\hry\valve\hl.exe (Valve) [File not signed]
FirewallRules: [{BE75B6E7-81D3-46B9-97E9-15DADF4E9536}] => (Allow) C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe () [File not signed]
FirewallRules: [{A079BC1C-767D-4599-B842-881B6411C4B9}] => (Allow) C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe () [File not signed]
FirewallRules: [{A55E2B3B-FD92-4DEF-9C33-366EAC233827}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E80D4EE7-F157-414B-896D-318F0114F6E0}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{DAF3AFAE-C581-4C86-9DD4-89E1D56B78A1}C:\program files (x86)\vivid workshopdata ati\sed.exe] => (Allow) C:\program files (x86)\vivid workshopdata ati\sed.exe () [File not signed]
FirewallRules: [UDP Query User{9F9A1405-11E9-43AC-8573-31AAD065DEF5}C:\program files (x86)\vivid workshopdata ati\sed.exe] => (Allow) C:\program files (x86)\vivid workshopdata ati\sed.exe () [File not signed]
FirewallRules: [{B9C30055-688D-4A26-8EC2-8585723D92C7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{27AD3760-8CE2-414A-917A-ECC235DD83E3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [TCP Query User{DBC494DA-0FBB-48CA-93B9-37EB13D35347}C:\hry\counter-strike 1.6\hl.exe] => (Allow) C:\hry\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{6AABBCBF-703D-4790-9410-FB081720AFD7}C:\hry\counter-strike 1.6\hl.exe] => (Allow) C:\hry\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{25A378BB-DD85-490D-946C-25C8746AEDC7}C:\program files (x86)\microsoft\skype for desktop\skype.exe] => (Block) C:\program files (x86)\microsoft\skype for desktop\skype.exe => No File
FirewallRules: [UDP Query User{4E4C92EF-0FB0-4321-83B0-14249A82101F}C:\program files (x86)\microsoft\skype for desktop\skype.exe] => (Block) C:\program files (x86)\microsoft\skype for desktop\skype.exe => No File
FirewallRules: [{BEC6AD97-A672-44D1-ADD8-A2A3DA459A77}] => (Allow) C:\Ross-Tech\VCDS-SVO\VCIConfig.EXE (Ross-Tech, LLC -> Ross-Tech, LLC)
FirewallRules: [{DBA32A8B-73D4-47D8-9CC8-897FB36E7DAA}] => (Allow) C:\Ross-Tech\VCDS-SVO\VCIConfig.EXE (Ross-Tech, LLC -> Ross-Tech, LLC)
FirewallRules: [{BAC2A0EA-C071-4960-880E-FC5B7C550813}] => (Allow) C:\Ross-Tech\VCDS-SVO\VCIConfig.EXE (Ross-Tech, LLC -> Ross-Tech, LLC)
FirewallRules: [{DA9E34CB-3B69-45C7-B9A5-74A8D4147C6F}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{633DE3ED-A4C1-4D2B-975C-87EA0B1C7BF7}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{9972903B-C780-403D-B32E-3FE134743172}] => (Allow) D:\Steam\steamapps\common\Hacknet\Hacknet.exe () [File not signed]
FirewallRules: [{F7C3F2D6-B504-4720-8A40-ECB5ECD87646}] => (Allow) D:\Steam\steamapps\common\Hacknet\Hacknet.exe () [File not signed]
FirewallRules: [{C3398886-2900-4ED5-AA57-93E5F72AC8B0}] => (Allow) LPort=135
FirewallRules: [TCP Query User{F2C6C0FB-9F06-44BD-809B-8FF1F84BADB2}C:\users\zippy\downloads\nero burning rom & nero express 2020 22.0.1004 portable\nero burning rom.exe] => (Allow) C:\users\zippy\downloads\nero burning rom & nero express 2020 22.0.1004 portable\nero burning rom.exe (BALTAGY -> Nero AG) [File not signed]
FirewallRules: [UDP Query User{5ABD05DD-FE2B-469B-82C8-BABF085B17AA}C:\users\zippy\downloads\nero burning rom & nero express 2020 22.0.1004 portable\nero burning rom.exe] => (Allow) C:\users\zippy\downloads\nero burning rom & nero express 2020 22.0.1004 portable\nero burning rom.exe (BALTAGY -> Nero AG) [File not signed]
FirewallRules: [TCP Query User{BB794DC3-76A3-4572-9CE4-200D910550F3}C:\users\zippy\downloads\money s5 1.3.7.2740\s5.exe] => (Allow) C:\users\zippy\downloads\money s5 1.3.7.2740\s5.exe => No File
FirewallRules: [UDP Query User{E30C7BED-D2A9-497B-954B-6B44DE06789A}C:\users\zippy\downloads\money s5 1.3.7.2740\s5.exe] => (Allow) C:\users\zippy\downloads\money s5 1.3.7.2740\s5.exe => No File
FirewallRules: [{E2F79DC6-D442-4ECF-85B2-2F2996C095F8}] => (Allow) C:\Program Files (x86)\I+ME Actia GmbH\VAS6154 Driver\VAS6154App.exe (Actia I+ME GmbH -> Volkswagen AG)
FirewallRules: [{E7251C89-CA74-4297-8A36-0D16C22A93C6}] => (Allow) C:\Program Files (x86)\I+ME Actia GmbH\VAS6154 Driver\VAS6154App.exe (Actia I+ME GmbH -> Volkswagen AG)
FirewallRules: [{A6AD6C3C-BE1C-4B70-A1F2-B2E75DB41D74}] => (Allow) C:\Program Files (x86)\VW_PDUAPI_OS\PduProtocolLayerJ2534.exe => No File
FirewallRules: [{61C66289-501F-4F10-9C26-639AF4B58BD6}] => (Allow) C:\Program Files (x86)\VW_PDUAPI_OS\PduProtocolLayerVector.exe => No File
FirewallRules: [{999432E9-0B77-445D-9728-BB5A411A2ECE}] => (Allow) C:\Ross-Tech\VCDS 20.4.1\VCDS.EXE (Ross-Tech, LLC -> Ross-Tech, LLC)
FirewallRules: [{0B6A63E5-ED3C-4D4A-ADCE-24BED74A07F2}] => (Allow) C:\Ross-Tech\VCDS 20.4.1\VCIConfig.EXE (Ross-Tech, LLC -> Ross-Tech, LLC)
FirewallRules: [{EE1B7B90-C8F4-4170-8E83-907334E471E4}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe => No File
FirewallRules: [{6A55E916-CBB3-4165-89D5-911589064D82}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe => No File
FirewallRules: [{E1486ACC-FD54-48AE-ABAE-E52318CFF0FF}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe => No File
FirewallRules: [{C4198E8B-CBCF-45C3-A92D-7E517E8E6D34}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe => No File
FirewallRules: [TCP Query User{82625E8E-15FE-4A12-A5C5-8464DFFCE2E4}C:\windows\temp\files\bin\kmss.exe] => (Allow) C:\windows\temp\files\bin\kmss.exe => No File
FirewallRules: [UDP Query User{FA38476C-0A67-46FC-8191-E30C850E9FB5}C:\windows\temp\files\bin\kmss.exe] => (Allow) C:\windows\temp\files\bin\kmss.exe => No File
FirewallRules: [{DAC16B08-3168-43C6-845C-3CB586ECD185}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AAD2DC56-6197-400C-BE21-5ECEF55BEA26}C:\hry\heroes of might and magic iii complete hd\_hd3_data\heroes3.exe] => (Allow) C:\hry\heroes of might and magic iii complete hd\_hd3_data\heroes3.exe (The 3DO Company) [File not signed]
FirewallRules: [UDP Query User{C4B5DAE5-4508-452B-9647-CF652446E6CE}C:\hry\heroes of might and magic iii complete hd\_hd3_data\heroes3.exe] => (Allow) C:\hry\heroes of might and magic iii complete hd\_hd3_data\heroes3.exe (The 3DO Company) [File not signed]
FirewallRules: [TCP Query User{8AFB8950-0C6C-4FD8-B3DD-FDCC14A5B7E9}C:\program files (x86)\sonork\sonork.exe] => (Allow) C:\program files (x86)\sonork\sonork.exe => No File
FirewallRules: [UDP Query User{5352A487-E18A-4367-8EFD-FDB4AC3A0427}C:\program files (x86)\sonork\sonork.exe] => (Allow) C:\program files (x86)\sonork\sonork.exe => No File
FirewallRules: [{DEAA0AD7-9D70-4303-B47C-90F2D425F10B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

28-05-2022 22:09:29 Windows Update
28-05-2022 23:03:09 Windows Update
04-06-2022 10:01:51 Windows Update

==================== Faulty Device Manager Devices ============

Name: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
Description: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Intel Corporation
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (06/04/2022 09:27:06 AM) (Source: BBGate) (EventID: 151) (User: NT AUTHORITY)
Description: COM error at HTTP post for WorkshopOrder

Error: (06/04/2022 09:27:06 AM) (Source: BBGate) (EventID: 151) (User: NT AUTHORITY)
Description: COM error at HTTP post for WorkshopOrder

Error: (06/04/2022 09:26:58 AM) (Source: BBGate) (EventID: 110) (User: NT AUTHORITY)
Description: Critical Error: BBGate(.\ElsaGate.cpp, 4637): Connection to aktive partner server failed. Třída není zaregistrována

Error: (05/28/2022 09:45:05 PM) (Source: BBGate) (EventID: 151) (User: NT AUTHORITY)
Description: COM error at HTTP post for WorkshopOrder

Error: (05/28/2022 09:45:05 PM) (Source: BBGate) (EventID: 151) (User: NT AUTHORITY)
Description: COM error at HTTP post for WorkshopOrder

Error: (05/28/2022 09:45:00 PM) (Source: BBGate) (EventID: 110) (User: NT AUTHORITY)
Description: Critical Error: BBGate(.\ElsaGate.cpp, 4637): Connection to aktive partner server failed. Třída není zaregistrována

Error: (05/08/2022 10:02:50 AM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 107) (User: )
Description: Report Server Windows Service (MSSQLSERVER) cannot connect to the report server database.

Error: (05/01/2022 03:01:01 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: CISCTPnpDriverApi::SetIsctMode Set ISCT_MODE failed, EXP=3, ACT=1


System errors:
=============
Error: (06/04/2022 10:27:51 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/04/2022 10:17:35 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Aktualizace bezpečnostních informací pro produkt Microsoft Security Essentials - KB2310138 (verze 1.367.1009.0).

Error: (06/04/2022 10:03:22 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.

Nová verze podpisu:

Předchozí verze podpisu:

Zdroj aktualizace: Uživatel

Fáze aktualizace: Instalovat

Zdrojová cesta:

Typ podpisu:

Typ aktualizace:

Uživatel: NT AUTHORITY\SYSTEM

Aktuální verze modulu:

Předchozí verze modulu:

Kód chyby: 0x80070652

Popis chyby: Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.

Error: (06/04/2022 10:01:57 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.

Nová verze podpisu:

Předchozí verze podpisu: 1.367.625.0

Zdroj aktualizace: Server Microsoft Update

Fáze aktualizace: Stahovat

Zdrojová cesta: http://www.microsoft.com

Typ podpisu: Antivirový program

Typ aktualizace: Úplné

Uživatel: NT AUTHORITY\SYSTEM

Aktuální verze modulu:

Předchozí verze modulu: 1.1.19200.6

Kód chyby: 0x80240016

Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Error: (06/04/2022 10:01:57 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.

Nová verze podpisu:

Předchozí verze podpisu: 1.367.625.0

Zdroj aktualizace: Server Microsoft Update

Fáze aktualizace: Instalovat

Zdrojová cesta: http://www.microsoft.com

Typ podpisu: Antivirový program

Typ aktualizace: Úplné

Uživatel: NT AUTHORITY\SYSTEM

Aktuální verze modulu:

Předchozí verze modulu: 1.1.19200.6

Kód chyby: 0x80240016

Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Error: (06/04/2022 10:01:57 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.

Nová verze podpisu:

Předchozí verze podpisu: 1.367.625.0

Zdroj aktualizace: Server Microsoft Update

Fáze aktualizace: Instalovat

Zdrojová cesta: http://www.microsoft.com

Typ podpisu: Antivirový program

Typ aktualizace: Úplné

Uživatel: NT AUTHORITY\SYSTEM

Aktuální verze modulu:

Předchozí verze modulu: 1.1.19200.6

Kód chyby: 0x80240016

Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Error: (06/04/2022 09:41:21 AM) (Source: sptd) (EventID: 4) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error: (06/04/2022 09:41:21 AM) (Source: sptd) (EventID: 4) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .


Windows Defender:
================
Date: 2019-09-15 22:37:40.483
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=258086
Název:SoftwareBundler:Win32/Prepscram.BN!MTB
Závažnost:Vysoké
Kategorie:Software instalující další produkty
Nalezeno v cestě:file:C:\Users\zippy\AppData\Local\Temp\is-NVLBN.tmp\Upgrade.exe;file:C:\Users\zippy\AppData\Local\Temp\is-OU3J3.tmp\Upgrade.exe;process:pid:8068;process:pid:8424
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:

Date: 2019-09-15 22:36:11.209
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=258086
Název:SoftwareBundler:Win32/Prepscram.BN!MTB
Závažnost:Vysoké
Kategorie:Software instalující další produkty
Nalezeno v cestě:file:C:\Users\zippy\AppData\Local\Temp\is-OU3J3.tmp\Upgrade.exe;process:pid:8068
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:

Date: 2018-09-13 17:26:07.956
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{D1680C0C-1D51-46EF-B8D3-11BDD577E5EE}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2018-06-13 10:34:53.588
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{47BCAF38-9073-4E6D-843A-38C318428318}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE
Event[0]:

Date: 2019-09-15 22:38:01.820
Description:
Prohledávání Windows Defender zjistilo chybu při provádění akce u spywaru nebo jiného potenciálně nežádoucího softwaru.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=258086
Uživatel:zippy-PC\zippy
Název:SoftwareBundler:Win32/Prepscram.BN!MTB
Závažnost:Vysoké
Kategorie:Software instalující další produkty
Cesta:
Akce:Odebrat
Kód chyby:0x80508023
Popis chyby:Programu se nepodařilo najít spyware ani jiný potenciálně nežádoucí software v tomto počítači.
Stav:

Date: 2018-07-04 16:01:04.177
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.271.442.0
Předchozí verze podpisu:1.269.1075.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2018-07-04 16:01:04.146
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: American Megatrends Inc. B400A.211 05/17/2013
Motherboard: ASUSTeK COMPUTER INC. B400A
Processor: Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz
Percentage of memory in use: 88%
Total physical RAM: 3965.17 MB
Available physical RAM: 443.1 MB
Total Virtual: 7928.48 MB
Available Virtual: 2127.33 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:185.99 GB) (Free:38.72 GB) (Model: ATA Hitachi HTS54505 SCSI Disk Device) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:254.46 GB) (Free:53.32 GB) (Model: ATA Hitachi HTS54505 SCSI Disk Device) NTFS

\\?\Volume{ee4ca6e7-d578-48ac-a419-7eb7997dfeb2}\ (Recovery) (Fixed) (Total:25 GB) (Free:10.94 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 51BD08DA)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a preventive log check - SLOW PC

#5 Post by Rudy »

OK. Now run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just start it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
