Prosím o preventivku, dlouho jsem ji nedělal. Počítač již trochu zpomalen.
Děkuji za Váš čas.
-------------------------------------------------------------------------------
Log z RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Markalous at 2018-09-03 10:05:33
Microsoft Windows 10 Home
System drive C: has 133 GB (35%) free of 381 GB
Total RAM: 16273 MB (85% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:05:41, on 03/09/2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\trend micro\Markalous.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus15.msn.com/?pc=ASTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [DSATray] C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Markalous\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1903383002-3755401707-383608710-1002\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'kavokerr_nci_user')
O4 - HKUS\S-1-5-21-1903383002-3755401707-383608710-1002\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'kavokerr_nci_user')
O4 - Startup: Microsoft Outlook 2010.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{edad486c-8a2c-4582-88c1-d7a57ab2790c}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: cgm.brevir-1 - Unknown owner - D:\CGMSERVER\bin\brevir-1\cgm.brevir-1.exe
O23 - Service: cgm.ecommunication-1 - CompuGroup Medical Česká republika s.r.o. - D:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe
O23 - Service: cgm.etrzby-1 - CompuGroup Medical Česká republika s.r.o. - D:\CGMSERVER\bin\etrzby-1\cgm.etrzby-1.exe
O23 - Service: cgm.postgres - PostgreSQL Global Development Group - D:/CGMSERVER/bin/pgsql/bin/pg_ctl.exe
O23 - Service: cgm.servercore - CGM - D:\CGMSERVER\bin\core\cgm.servercore.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Conexant Audio Message Service (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
O23 - Service: Device Activation Service (DevActSvc) - Unknown owner - C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: DriverMFTService - ASUSTek Computer Inc. - C:\Program Files (x86)\Asus\PixelMaster Video HDR\DriverMFTService.exe
O23 - Service: Intel(R) Driver & Support Assistant (DSAService) - Intel - C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\WINDOWS\system32\EscSvc64.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel LDK License Manager (hasplms) - Unknown owner - C:\WINDOWS\system32\hasplms.exe (file missing)
O23 - Service: HCS.MedConnect.Service - HCS GmbH - D:\CGMSERVER\bin\medical-net\MedConnect\HCS.MedConnect.Service.exe
O23 - Service: HCS.MEDCONNECT.SERVICEMANAGER - HCS GmbH - D:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe
O23 - Service: @oem23.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: KaVo Kerr Group Broker Proxy (kkgbrokerproxy) - PaloDEx Group Oy - C:\Program Files (x86)\PaloDEx Group\IAM\broker_proxy.exe
O23 - Service: KaVo Kerr Group Device Broker (kkgdevicebroker) - PaloDEx Group Oy - C:\Program Files (x86)\PaloDEx Group\IAM\nci_broker.exe
O23 - Service: kkgdiscovery - KaVo Kerr. - C:\Program Files (x86)\KaVo Kerr Group\Discovery Service\mDNSResponder.exe
O23 - Service: KaVo Kerr Group GXS-700 Service (kkggxs700service) - PaloDEx Group Oy - C:\Program Files (x86)\PaloDEx Group\IAM\gxs-700_service.exe
O23 - Service: KaVo Kerr Group mDNSDiscovery (kkgmdnsdiscovery) - Palodex Group Oy - C:\Program Files (x86)\PaloDEx Group\IAM\mDNSDiscovery.exe
O23 - Service: KaVo Kerr Group Snapshot service (kkgsnapshotservice) - PaloDEx Group Oy - C:\Program Files (x86)\Palodex Group\IAM\kkg_snapshot_usb.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MyEpson Portal Service - Seiko Epson Corporation - C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NetTime (NetTimeSvc) - Unknown owner - C:\Program Files (x86)\NetTime\NetTimeService.exe
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
O23 - Service: CryptoPlus XME Engine Service (xmengine service) - Monet+, a.s. - C:\WINDOWS\SysWoW64\xmesrv.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 15856 bytes
======Listing Processes======
C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"fontdrvhost.exe"
"dwm.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s gpsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localservice -p -s BthAvctpSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localservice -p -s nsi
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s BTAGService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
dashost.exe {40dc746f-7855-4892-a3a147de802c1b5f}
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\system32\WLANExt.exe 1706780412592
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s NgcCtnrSvc
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
"C:\Program Files (x86)\Asus\PixelMaster Video HDR\DriverMFTService.exe"
"C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Elantech\ETDService.exe"
C:\WINDOWS\system32\DbxSvc.exe
C:\Windows\system32\CxAudMsg64.exe
C:\WINDOWS\system32\ibtsiva
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k netsvcs -s CertPropSvc
C:\WINDOWS\system32\hasplms.exe -run
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
"C:\Program Files (x86)\PaloDEx Group\IAM\broker_proxy.exe"
"c:\program files (x86)\kavo kerr group\discovery service\mdnsresponder.exe"
"C:\Program Files (x86)\PaloDEx Group\IAM\gxs-700_service.exe"
"C:\Program Files (x86)\Palodex Group\IAM\kkg_snapshot_usb.exe"
c:\windows\system32\svchost.exe -k iissvcs
"C:\Program Files (x86)\NetTime\NetTimeService.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Windows\system32\SAsrv.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\SysWoW64\xmesrv.exe
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x26c
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
"C:\Program Files (x86)\PaloDEx Group\IAM\nci_broker.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s upnphost
"C:\Program Files (x86)\PaloDEx Group\IAM\mDNSDiscovery.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\SPUser" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
sihost.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"ctfmon.exe"
igfxEM.exe
igfxHK.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\Explorer.EXE
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
D:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" XGpuTrayIcon"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files\OO Software\Defrag\oodag.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
c:\windows\system32\svchost.exe -k netsvcs -p
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="9332.0.1431497692\1865013822" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - "C:\Users\Markalous\AppData\LocalLow\Mozilla\Temp-{baaa2618-d776-4ce2-a1e7-a98129eb6292}" 9332 "\\.\pipe\gecko-crash-server-pipe.9332" 1528 gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="9332.3.1332300600\2146753064" -childID 1 -isForBrowser -prefsHandle 2208 -prefsLen 15280 -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 9332 "\\.\pipe\gecko-crash-server-pipe.9332" 2108 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="9332.12.518510993\1889760168" -childID 2 -isForBrowser -prefsHandle 2508 -prefsLen 15280 -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 9332 "\\.\pipe\gecko-crash-server-pipe.9332" 2152 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="9332.20.2069969553\153667567" -childID 3 -isForBrowser -prefsHandle 3148 -prefsLen 18534 -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 9332 "\\.\pipe\gecko-crash-server-pipe.9332" 3472 tab
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
"C:\Users\Markalous\Desktop\Údržba\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK
C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\EPSON XP-530 Series Update {A37DACDA-2E2C-445F-ABFD-7B353E4DF652}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPME.EXE /EXE:"{A37DACDA-2E2C-445F-ABFD-7B353E4DF652}" /F:"Update"
C:\WINDOWS\tasks\EPSON XP-530 Series Update {C6EA1A74-8CBC-4115-8FBF-7D18D30037EB}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPME.EXE /EXE:"{C6EA1A74-8CBC-4115-8FBF-7D18D30037EB}" /F:"Update"
C:\WINDOWS\tasks\TrackerAutoUpdate.job - C:\Program Files\Tracker Software\Update\TrackerUpdate.exe -CheckUpdate
=========Mozilla firefox=========
ProfilePath - C:\Users\Markalous\AppData\Roaming\Mozilla\Firefox\Profiles\ksm22cvy.default-1492598722798-1528921544729
prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.154 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1228198.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@cuminas.jp/DjVuPlugin]
"Description"=Document Express DjVu Plug-in
"Path"=C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.154 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@cuminas.jp/DjVuPlugin]
"Description"=Document Express DjVu Plug-in
"Path"=C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.171.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.171.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
npPDFXCviewNPPlugin.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-05-15 582088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31 471536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-15 245192]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}]
E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27 238576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31 471536]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27 238576]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-11-13 3242696]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Markalous\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-08-13 1644192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS TB Tray Agent]
c:\program files (x86)\easeus\traypopup\traytipagent.exe [2015-12-10 253992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_5D7D4019F38896730918709ABCFDAEC2]
c:\program files (x86)\google\chrome\application\chrome.exe [2018-08-08 1577816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebStorage]
c:\program files (x86)\asus\webstorage\2.2.2.524\asuswsloader.exe [2015-05-31 63272]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2016-09-20 25382344]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-10-10 39792]
"DSATray"=C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [2017-09-18 131360]
"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2016-01-20 1087184]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-28 588704]
C:\Users\Markalous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Outlook 2010.lnk - C:\WINDOWS\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"DisableTaskMgr"=0
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2018-09-03 10:00:56 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-08-15 12:22:39 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2018-08-15 12:21:36 ----D---- C:\WINDOWS\PCHEALTH
2018-08-15 12:13:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-08-15 12:13:51 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-08-15 12:13:49 ----A---- C:\WINDOWS\system32\edgehtml.dll
2018-08-15 12:13:47 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-08-15 12:13:46 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2018-08-15 12:13:40 ----A---- C:\WINDOWS\system32\shell32.dll
2018-08-15 12:13:38 ----A---- C:\WINDOWS\system32\wininet.dll
2018-08-15 12:13:37 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-08-15 12:13:37 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-08-15 12:13:36 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2018-08-15 12:13:35 ----A---- C:\WINDOWS\system32\windows.storage.dll
2018-08-15 12:13:35 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-08-15 12:13:34 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-08-15 12:13:34 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-08-15 12:13:34 ----A---- C:\WINDOWS\system32\Chakra.dll
2018-08-15 12:13:32 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-08-15 12:13:32 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-08-15 12:13:31 ----A---- C:\WINDOWS\system32\mos.dll
2018-08-15 12:13:30 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2018-08-15 12:13:30 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-08-15 12:13:29 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2018-08-15 12:13:29 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-08-15 12:13:29 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Controls.dll
2018-08-15 12:13:29 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2018-08-15 12:13:29 ----A---- C:\WINDOWS\system32\twinui.dll
2018-08-15 12:13:29 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-08-15 12:13:29 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2018-08-15 12:13:28 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-08-15 12:13:28 ----A---- C:\WINDOWS\system32\tquery.dll
2018-08-15 12:13:28 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2018-08-15 12:13:27 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2018-08-15 12:13:26 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2018-08-15 12:13:26 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-08-15 12:13:26 ----A---- C:\WINDOWS\system32\win32kfull.sys
2018-08-15 12:13:26 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2018-08-15 12:13:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2018-08-15 12:13:25 ----A---- C:\WINDOWS\system32\mssrch.dll
2018-08-15 12:13:24 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2018-08-15 12:13:24 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2018-08-15 12:13:24 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2018-08-15 12:13:24 ----A---- C:\WINDOWS\system32\hvix64.exe
2018-08-15 12:13:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-08-15 12:13:23 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2018-08-15 12:13:23 ----A---- C:\WINDOWS\system32\InputService.dll
2018-08-15 12:13:21 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-08-15 12:13:21 ----A---- C:\WINDOWS\system32\BingMaps.dll
2018-08-15 12:13:20 ----A---- C:\WINDOWS\system32\dosvc.dll
2018-08-15 12:13:19 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2018-08-15 12:13:19 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-08-15 12:13:18 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2018-08-15 12:13:18 ----A---- C:\WINDOWS\system32\mstscax.dll
2018-08-15 12:13:18 ----A---- C:\WINDOWS\system32\hvax64.exe
2018-08-15 12:13:18 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2018-08-15 12:13:17 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-08-15 12:13:17 ----A---- C:\WINDOWS\system32\wuaueng.dll
2018-08-15 12:13:17 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2018-08-15 12:13:17 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-08-15 12:13:17 ----A---- C:\WINDOWS\system32\dwmcore.dll
2018-08-15 12:13:16 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-08-15 12:13:16 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2018-08-15 12:13:16 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2018-08-15 12:13:16 ----A---- C:\WINDOWS\system32\msctf.dll
2018-08-15 12:13:16 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2018-08-15 12:13:16 ----A---- C:\WINDOWS\system32\cdprt.dll
2018-08-15 12:13:16 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-08-15 12:13:15 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-08-15 12:13:15 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2018-08-15 12:13:15 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2018-08-15 12:13:15 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2018-08-15 12:13:15 ----A---- C:\WINDOWS\system32\WFDSConMgrSvc.dll
2018-08-15 12:13:15 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2018-08-15 12:13:15 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2018-08-15 12:13:15 ----A---- C:\WINDOWS\system32\BingOnlineServices.dll
2018-08-15 12:13:14 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2018-08-15 12:13:14 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2018-08-15 12:13:14 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2018-08-15 12:13:14 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2018-08-15 12:13:14 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2018-08-15 12:13:13 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2018-08-15 12:13:13 ----A---- C:\WINDOWS\system32\mfplat.dll
2018-08-15 12:13:12 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-08-15 12:13:12 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2018-08-15 12:13:12 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-08-15 12:13:12 ----A---- C:\WINDOWS\system32\MapRouter.dll
2018-08-15 12:13:12 ----A---- C:\WINDOWS\system32\MapGeocoder.dll
2018-08-15 12:13:11 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2018-08-15 12:13:11 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2018-08-15 12:13:10 ----A---- C:\WINDOWS\system32\wsp_health.dll
2018-08-15 12:13:10 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-08-15 12:13:10 ----A---- C:\WINDOWS\system32\ntdll.dll
2018-08-15 12:13:10 ----A---- C:\WINDOWS\system32\lpasvc.dll
2018-08-15 12:13:10 ----A---- C:\WINDOWS\system32\localspl.dll
2018-08-15 12:13:10 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2018-08-15 12:13:09 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2018-08-15 12:13:09 ----A---- C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-08-15 12:13:09 ----A---- C:\WINDOWS\system32\edgeangle.dll
2018-08-15 12:13:09 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-08-15 12:13:08 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2018-08-15 12:13:08 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2018-08-15 12:13:08 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2018-08-15 12:13:08 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2018-08-15 12:13:08 ----A---- C:\WINDOWS\system32\win32kbase.sys
2018-08-15 12:13:08 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2018-08-15 12:13:08 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2018-08-15 12:13:08 ----A---- C:\WINDOWS\system32\NMAA.dll
2018-08-15 12:13:08 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2018-08-15 12:13:08 ----A---- C:\WINDOWS\system32\jscript.dll
2018-08-15 12:13:08 ----A---- C:\WINDOWS\system32\daxexec.dll
2018-08-15 12:13:07 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2018-08-15 12:13:07 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2018-08-15 12:13:07 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2018-08-15 12:13:07 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2018-08-15 12:13:07 ----A---- C:\WINDOWS\SYSWOW64\BingOnlineServices.dll
2018-08-15 12:13:07 ----A---- C:\WINDOWS\system32\WWAHost.exe
2018-08-15 12:13:07 ----A---- C:\WINDOWS\system32\policymanager.dll
2018-08-15 12:13:07 ----A---- C:\WINDOWS\system32\nettrace.dll
2018-08-15 12:13:07 ----A---- C:\WINDOWS\system32\MapsStore.dll
2018-08-15 12:13:06 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2018-08-15 12:13:06 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2018-08-15 12:13:06 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2018-08-15 12:13:06 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2018-08-15 12:13:06 ----A---- C:\WINDOWS\system32\netprofmsvc.dll
2018-08-15 12:13:06 ----A---- C:\WINDOWS\system32\msi.dll
2018-08-15 12:13:06 ----A---- C:\WINDOWS\system32\cloudAP.dll
2018-08-15 12:13:05 ----A---- C:\WINDOWS\SYSWOW64\MapRouter.dll
2018-08-15 12:13:05 ----A---- C:\WINDOWS\system32\edgeIso.dll
2018-08-15 12:13:05 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2018-08-15 12:13:04 ----A---- C:\WINDOWS\system32\winload.exe
2018-08-15 12:13:04 ----A---- C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-08-15 12:13:04 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2018-08-15 12:13:04 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2018-08-15 12:13:00 ----A---- C:\WINDOWS\system32\winresume.exe
2018-08-15 12:13:00 ----A---- C:\WINDOWS\system32\vbscript.dll
2018-08-15 12:13:00 ----A---- C:\WINDOWS\system32\tdh.dll
2018-08-15 12:13:00 ----A---- C:\WINDOWS\system32\provengine.dll
2018-08-15 12:13:00 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-08-15 12:13:00 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-08-15 12:12:59 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2018-08-15 12:12:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2018-08-15 12:12:59 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2018-08-15 12:12:59 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2018-08-15 12:12:59 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2018-08-15 12:12:59 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2018-08-15 12:12:59 ----A---- C:\WINDOWS\system32\StructuredQuery.dll
2018-08-15 12:12:59 ----A---- C:\WINDOWS\system32\provops.dll
2018-08-15 12:12:59 ----A---- C:\WINDOWS\system32\msvproc.dll
2018-08-15 12:12:59 ----A---- C:\WINDOWS\system32\clusapi.dll
2018-08-15 12:12:59 ----A---- C:\WINDOWS\system32\ci.dll
2018-08-15 12:12:58 ----A---- C:\WINDOWS\SYSWOW64\rdpserverbase.dll
2018-08-15 12:12:57 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2018-08-15 12:12:57 ----A---- C:\WINDOWS\system32\rdpserverbase.dll
2018-08-15 12:12:56 ----A---- C:\WINDOWS\system32\securekernel.exe
2018-08-15 12:12:55 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2018-08-15 12:12:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Vpn.dll
2018-08-15 12:12:55 ----A---- C:\WINDOWS\SYSWOW64\ActiveSyncProvider.dll
2018-08-15 12:12:55 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2018-08-15 12:12:54 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2018-08-15 12:12:54 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2018-08-15 12:12:54 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2018-08-15 12:12:53 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2018-08-15 12:12:53 ----A---- C:\WINDOWS\SYSWOW64\MapGeocoder.dll
2018-08-15 12:12:53 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2018-08-15 12:12:53 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2018-08-15 12:12:53 ----A---- C:\WINDOWS\system32\rsaenh.dll
2018-08-15 12:12:53 ----A---- C:\WINDOWS\system32\lsasrv.dll
2018-08-15 12:12:53 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2018-08-15 12:12:52 ----A---- C:\WINDOWS\SYSWOW64\rsaenh.dll
2018-08-15 12:12:52 ----A---- C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-08-15 12:12:52 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2018-08-15 12:12:52 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2018-08-15 12:12:51 ----A---- C:\WINDOWS\SYSWOW64\NMAA.dll
2018-08-15 12:12:51 ----A---- C:\WINDOWS\system32\wldp.dll
2018-08-15 12:12:51 ----A---- C:\WINDOWS\system32\WiFiDisplay.dll
2018-08-15 12:12:51 ----A---- C:\WINDOWS\system32\SgrmEnclave.dll
2018-08-15 12:12:51 ----A---- C:\WINDOWS\system32\resutils.dll
2018-08-15 12:12:51 ----A---- C:\WINDOWS\system32\PushToInstall.dll
2018-08-15 12:12:51 ----A---- C:\WINDOWS\system32\profsvc.dll
2018-08-15 12:12:51 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2018-08-15 12:12:51 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2018-08-15 12:12:51 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2018-08-15 12:12:51 ----A---- C:\WINDOWS\system32\drivers\tpm.sys
2018-08-15 12:12:51 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2018-08-15 12:12:51 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2018-08-15 12:12:51 ----A---- C:\WINDOWS\system32\defragsvc.dll
2018-08-15 12:12:51 ----A---- C:\WINDOWS\system32\datamarketsvc.dll
2018-08-15 12:12:50 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2018-08-15 12:12:50 ----A---- C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-08-15 12:12:50 ----A---- C:\WINDOWS\system32\sysmain.dll
2018-08-15 12:12:50 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2018-08-15 12:12:50 ----A---- C:\WINDOWS\system32\hvloader.dll
2018-08-15 12:12:49 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2018-08-15 12:12:49 ----A---- C:\WINDOWS\system32\vertdll.dll
2018-08-15 12:12:49 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2018-08-15 12:12:49 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2018-08-15 12:12:48 ----A---- C:\WINDOWS\system32\services.exe
2018-08-15 12:12:47 ----A---- C:\WINDOWS\system32\nltest.exe
2018-08-15 12:12:47 ----A---- C:\WINDOWS\system32\hvhostsvc.dll
2018-08-15 12:12:47 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2018-08-15 12:12:47 ----A---- C:\WINDOWS\system32\drivers\scmbus.sys
2018-08-15 12:12:46 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2018-08-15 12:12:46 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2018-08-15 12:12:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.XamlHost.dll
2018-08-15 12:12:46 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2018-08-15 12:12:46 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2018-08-15 12:12:46 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2018-08-15 12:12:46 ----A---- C:\WINDOWS\system32\sppc.dll
2018-08-15 12:12:46 ----A---- C:\WINDOWS\system32\rdpencom.dll
2018-08-15 12:12:46 ----A---- C:\WINDOWS\system32\ProvSysprep.dll
2018-08-15 12:12:46 ----A---- C:\WINDOWS\system32\nshwfp.dll
2018-08-15 12:12:46 ----A---- C:\WINDOWS\system32\drivers\Ucx01000.sys
2018-08-15 12:12:46 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2018-08-15 12:12:46 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2018-08-15 12:12:46 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2018-08-15 12:12:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Controls.dll
2018-08-15 12:12:45 ----A---- C:\WINDOWS\SYSWOW64\WiFiDisplay.dll
2018-08-15 12:12:45 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2018-08-15 12:12:45 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2018-08-15 12:12:45 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2018-08-15 12:12:45 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2018-08-15 12:12:45 ----A---- C:\WINDOWS\SYSWOW64\cdprt.dll
2018-08-15 12:12:45 ----A---- C:\WINDOWS\system32\wuuhext.dll
2018-08-15 12:12:45 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-08-15 12:12:45 ----A---- C:\WINDOWS\system32\TSWorkspace.dll
2018-08-15 12:12:45 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2018-08-15 12:12:45 ----A---- C:\WINDOWS\system32\rdpudd.dll
2018-08-15 12:12:45 ----A---- C:\WINDOWS\system32\RasMediaManager.dll
2018-08-15 12:12:45 ----A---- C:\WINDOWS\system32\rasmans.dll
2018-08-15 12:12:45 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2018-08-15 12:12:45 ----A---- C:\WINDOWS\system32\mssvp.dll
2018-08-15 12:12:45 ----A---- C:\WINDOWS\system32\MSPhotography.dll
2018-08-15 12:12:45 ----A---- C:\WINDOWS\system32\kdnet.dll
2018-08-15 12:12:45 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2018-08-15 12:12:45 ----A---- C:\WINDOWS\system32\drivers\winhv.sys
2018-08-15 12:12:45 ----A---- C:\WINDOWS\system32\drivers\vpci.sys
2018-08-15 12:12:45 ----A---- C:\WINDOWS\system32\drivers\vmbus.sys
2018-08-15 12:12:45 ----A---- C:\WINDOWS\system32\drivers\exfat.sys
2018-08-15 12:12:45 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2018-08-15 12:12:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MixedRealityCapture.dll
2018-08-15 12:12:44 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2018-08-15 12:12:44 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2018-08-15 12:12:44 ----A---- C:\WINDOWS\SYSWOW64\raschap.dll
2018-08-15 12:12:44 ----A---- C:\WINDOWS\SYSWOW64\msiexec.exe
2018-08-15 12:12:44 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2018-08-15 12:12:44 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2018-08-15 12:12:44 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2018-08-15 12:12:44 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2018-08-15 12:12:44 ----A---- C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-08-15 12:12:44 ----A---- C:\WINDOWS\system32\WaaSAssessment.dll
2018-08-15 12:12:44 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-08-15 12:12:44 ----A---- C:\WINDOWS\system32\raschap.dll
2018-08-15 12:12:44 ----A---- C:\WINDOWS\system32\msiexec.exe
2018-08-15 12:12:44 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2018-08-15 12:12:44 ----A---- C:\WINDOWS\system32\mcbuilder.exe
2018-08-15 12:12:44 ----A---- C:\WINDOWS\system32\fontsub.dll
2018-08-15 12:12:44 ----A---- C:\WINDOWS\system32\EasPolicyManagerBrokerPS.dll
2018-08-15 12:12:44 ----A---- C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2018-08-15 12:12:44 ----A---- C:\WINDOWS\system32\drivers\winhvr.sys
2018-08-15 12:12:44 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2018-08-15 12:12:44 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2018-08-15 12:12:42 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2018-08-15 12:12:42 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2018-08-15 12:12:42 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2018-08-15 12:12:42 ----A---- C:\WINDOWS\SYSWOW64\mcbuilder.exe
2018-08-15 12:12:42 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2018-08-15 12:12:42 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2018-08-15 12:12:42 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-08-15 12:12:42 ----A---- C:\WINDOWS\system32\t2embed.dll
2018-08-15 12:12:42 ----A---- C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-08-15 12:12:42 ----A---- C:\WINDOWS\system32\mssph.dll
2018-08-15 12:12:42 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-08-15 12:12:42 ----A---- C:\WINDOWS\system32\hlink.dll
2018-08-15 12:12:42 ----A---- C:\WINDOWS\system32\drivers\winnat.sys
2018-08-15 12:12:42 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2018-08-15 12:12:42 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-08-15 12:12:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2018-08-15 12:12:41 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-08-15 12:12:41 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2018-08-15 12:12:41 ----A---- C:\WINDOWS\SYSWOW64\MSPhotography.dll
2018-08-15 12:12:41 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2018-08-15 12:12:41 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2018-08-15 12:12:41 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2018-08-15 12:12:41 ----A---- C:\WINDOWS\system32\WFDSConMgr.dll
2018-08-15 12:12:41 ----A---- C:\WINDOWS\system32\tzres.dll
2018-08-15 12:12:41 ----A---- C:\WINDOWS\system32\rascustom.dll
2018-08-15 12:12:41 ----A---- C:\WINDOWS\system32\mssprxy.dll
2018-08-15 12:12:41 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2018-08-15 12:12:41 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2018-08-15 12:12:41 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2018-08-15 12:12:40 ----A---- C:\WINDOWS\SYSWOW64\winshfhc.dll
2018-08-15 12:12:40 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2018-08-15 12:12:40 ----A---- C:\WINDOWS\SYSWOW64\OneCoreCommonProxyStub.dll
2018-08-15 12:12:40 ----A---- C:\WINDOWS\system32\winshfhc.dll
2018-08-15 12:12:40 ----A---- C:\WINDOWS\system32\drivers\vmgid.sys
2018-08-15 12:12:40 ----A---- C:\WINDOWS\system32\atmlib.dll
======List of files/folders modified in the last 1 month======
2018-09-03 10:05:40 ----D---- C:\WINDOWS\Prefetch
2018-09-03 10:05:38 ----D---- C:\WINDOWS\Temp
2018-09-03 10:05:37 ----D---- C:\Program Files\trend micro
2018-09-03 10:03:56 ----D---- C:\ProgramData\NVIDIA
2018-09-03 10:02:32 ----D---- C:\ProgramData\ASUS Smart Gesture
2018-09-03 10:01:51 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-09-03 10:00:56 ----D---- C:\WINDOWS\System32
2018-09-03 10:00:02 ----AD---- C:\Program Files (x86)\Intel Driver and Support Assistant
2018-09-03 09:58:37 ----D---- C:\WINDOWS\system32\sru
2018-09-03 09:55:40 ----D---- C:\Windows
2018-09-03 09:52:13 ----D---- C:\AdwCleaner
2018-09-03 09:51:30 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-09-03 09:51:23 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-09-03 09:47:18 ----D---- C:\ProgramData\PaloDEx Group
2018-09-03 09:30:51 ----AD---- C:\Program Files (x86)\Dialog MIS
2018-09-03 09:20:15 ----D---- C:\WINDOWS\system32\catroot2
2018-09-03 08:54:09 ----D---- C:\WINDOWS\system32\SleepStudy
2018-09-03 08:38:37 ----D---- C:\WINDOWS\Logs
2018-09-03 08:37:12 ----RD---- C:\WINDOWS\Microsoft.NET
2018-09-02 22:19:57 ----D---- C:\ProgramData\firebird
2018-09-02 22:19:18 ----AD---- C:\ProgramData\Temp
2018-09-02 21:20:27 ----D---- C:\WINDOWS\CbsTemp
2018-09-02 21:20:08 ----SHD---- C:\System Volume Information
2018-09-02 20:45:44 ----D---- C:\WINDOWS\AppReadiness
2018-09-01 22:39:32 ----D---- C:\Users\Markalous\AppData\Roaming\ABarthel
2018-09-01 22:22:59 ----D---- C:\Users\Markalous\AppData\Roaming\uTorrent
2018-09-01 18:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2018-09-01 15:49:31 ----HD---- C:\Program Files\WindowsApps
2018-08-31 08:08:13 ----D---- C:\WINDOWS\LiveKernelReports
2018-08-30 23:23:55 ----D---- C:\WINDOWS\system32\config
2018-08-29 22:53:13 ----SHDC---- C:\WINDOWS\Installer
2018-08-29 22:53:13 ----SHD---- C:\Config.Msi
2018-08-29 14:19:31 ----D---- C:\VXIMAGES
2018-08-27 12:00:18 ----D---- C:\WINDOWS\system32\Tasks
2018-08-24 08:37:45 ----D---- C:\VixTemp
2018-08-22 13:23:18 ----D---- C:\WINDOWS\WinSxS
2018-08-22 11:22:54 ----D---- C:\WINDOWS\INF
2018-08-22 11:22:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-08-16 22:31:39 ----RSD---- C:\WINDOWS\assembly
2018-08-16 07:43:07 ----D---- C:\WINDOWS\system32\DriverStore
2018-08-16 07:41:55 ----D---- C:\WINDOWS\system32\drivers
2018-08-16 00:14:49 ----SD---- C:\WINDOWS\SYSWOW64\F12
2018-08-16 00:14:49 ----D---- C:\WINDOWS\TextInput
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SYSWOW64\migration
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SYSWOW64\en-US
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SYSWOW64\en-GB
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2018-08-16 00:14:49 ----D---- C:\WINDOWS\SysWOW64
2018-08-16 00:14:45 ----SD---- C:\WINDOWS\system32\UNP
2018-08-16 00:14:45 ----SD---- C:\WINDOWS\system32\F12
2018-08-16 00:14:45 ----SD---- C:\WINDOWS\system32\DiagSvcs
2018-08-16 00:14:45 ----D---- C:\WINDOWS\system32\zu-ZA
2018-08-16 00:14:45 ----D---- C:\WINDOWS\system32\yo-NG
2018-08-16 00:14:45 ----D---- C:\WINDOWS\system32\xh-ZA
2018-08-16 00:14:45 ----D---- C:\WINDOWS\system32\wo-SN
2018-08-16 00:14:45 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2018-08-16 00:14:45 ----D---- C:\WINDOWS\system32\tn-ZA
2018-08-16 00:14:45 ----D---- C:\WINDOWS\system32\ti-ET
2018-08-16 00:14:45 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2018-08-16 00:14:45 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2018-08-16 00:14:45 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2018-08-16 00:14:45 ----D---- C:\WINDOWS\system32\ShellExperiences
2018-08-16 00:14:45 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2018-08-16 00:14:45 ----D---- C:\WINDOWS\system32\rw-RW
2018-08-16 00:14:45 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2018-08-16 00:14:45 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2018-08-16 00:14:45 ----D---- C:\WINDOWS\system32\nso-ZA
2018-08-16 00:14:45 ----D---- C:\WINDOWS\system32\migration
2018-08-16 00:14:45 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2018-08-16 00:14:45 ----D---- C:\WINDOWS\system32\ig-NG
2018-08-16 00:14:45 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2018-08-16 00:14:45 ----D---- C:\WINDOWS\system32\en-US
2018-08-16 00:14:45 ----D---- C:\WINDOWS\system32\en-GB
2018-08-16 00:14:45 ----D---- C:\WINDOWS\system32\drivers\en-US
2018-08-16 00:14:45 ----D---- C:\WINDOWS\system32\cs-CZ
2018-08-16 00:14:44 ----D---- C:\WINDOWS\system32\chr-CHER-US
2018-08-16 00:14:44 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2018-08-16 00:14:44 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2018-08-16 00:14:44 ----D---- C:\WINDOWS\system32\Boot
2018-08-16 00:14:44 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2018-08-16 00:14:39 ----RD---- C:\WINDOWS\PrintDialog
2018-08-16 00:14:39 ----D---- C:\WINDOWS\ShellExperiences
2018-08-16 00:14:36 ----RD---- C:\Program Files\Windows Defender
2018-08-16 00:14:36 ----D---- C:\WINDOWS\bcastdvr
2018-08-16 00:14:36 ----D---- C:\Program Files (x86)\Windows Defender
2018-08-15 14:01:13 ----RSD---- C:\WINDOWS\Fonts
2018-08-15 12:22:54 ----D---- C:\WINDOWS\system32\MRT
2018-08-15 12:22:31 ----D---- C:\ProgramData\Microsoft Help
2018-08-15 12:22:03 ----A---- C:\WINDOWS\win.ini
2018-08-14 20:58:52 ----D---- C:\WINDOWS\system32\Macromed
2018-08-14 20:58:51 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2018-08-14 20:15:55 ----D---- C:\WINDOWS\system32\NDF
2018-08-13 21:00:25 ----D---- C:\WINDOWS\system32\drivers\UMDF
2018-08-13 20:42:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-08-08 22:16:41 ----AD---- C:\Program Files (x86)\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 EUBAKUP;EUBAKUP; C:\WINDOWS\system32\drivers\eubakup.sys [2015-12-10 60968]
R0 EUBKMON;EUBKMON; C:\WINDOWS\system32\drivers\EUBKMON.sys [2015-12-10 48168]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2016-06-12 1469952]
R0 IntelHSWPcc;IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [2015-06-26 88256]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-04-12 58272]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2013-07-02 19768]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2014-12-21 40344]
R1 EUDSKACS;EUDSKACS; \??\C:\WINDOWS\system32\drivers\eudskacs.sys [2015-12-10 18472]
R1 EUFDDISK;EUFDDISK; \??\C:\WINDOWS\system32\drivers\EuFdDisk.sys [2015-12-10 192552]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [2016-04-09 27552]
R2 aksdf;aksdf; \??\C:\WINDOWS\system32\drivers\aksdf.sys [2015-09-24 109200]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys [2015-09-24 205528]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2016-04-28 310728]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-07-14 414720]
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys [2015-09-24 350552]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2016-04-28 42696]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-04-12 43520]
R3 AsusTP;@oem52.inf,%PS2.DeviceDesc%;ASUS Input Touchpad Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2017-03-09 128024]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2018-04-12 106496]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-04-12 86528]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2018-04-12 129536]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2018-04-12 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
R3 CnxtHdAudService;@oem33.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2015-08-04 1553032]
R3 ETD;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-11-13 525512]
R3 HIDSwitch;@oem18.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2016-05-14 27872]
R3 ibtusb;@oem23.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2017-03-10 243208]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-11-30 7969760]
R3 MEIx64;@oem46.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2016-05-14 185896]
R3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Ovladač přenosů Avrcp protokolu Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [2018-04-12 46592]
R3 Netwtw04;___ Intel(R) Wireless Adapter Driver for Windows 10 - 64 Bit; C:\WINDOWS\System32\drivers\Netwtw04.sys [2018-04-12 7689728]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvlddmkm.sys [2016-12-12 14200880]
R3 nvvad_WaveExtensible;@oem8.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2018-03-15 67432]
R3 nvvhci;@oem22.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2018-04-28 68112]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2018-04-12 193536]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 AndnetBus;LGE Mobile USB Composite Device; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [2016-03-02 29696]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [2016-03-02 30720]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [2016-03-02 37376]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2018-04-12 92056]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2018-07-14 1069568]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 dg_ssudbus;@oem53.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\syswow64\epmntdrv.sys [2014-11-18 14944]
S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\syswow64\EuGdiDrv.sys [2014-11-18 10208]
S3 GemCCID;GemCCID; C:\WINDOWS\System32\drivers\GemCCID.sys [2014-11-10 130944]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2018-08-03 77608]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IntcDAud;@oem48.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-05-12 481768]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-05-20 31200]
S3 PcaSp50a64;PcaSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PcaSp50a64.sys [2018-02-14 41280]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2018-06-15 945568]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2014-03-26 115512]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CDPUserSvc_b19a5;Uživatelská služba platformy připojených zařízení_b19a5; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 cgm.ecommunication-1;cgm.ecommunication-1; D:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe [2018-05-21 88416]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CxAudMsg;Conexant Audio Message Service; C:\Windows\system32\CxAudMsg64.exe [2014-10-20 207576]
R2 DbxSvc;DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [2016-09-20 42792]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 DriverMFTService;DriverMFTService; C:\Program Files (x86)\Asus\PixelMaster Video HDR\DriverMFTService.exe [2015-05-19 20992]
R2 DSAService;Intel(R) Driver & Support Assistant; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [2017-09-18 22816]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-11-13 144072]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2017-02-13 640928]
R2 hasplms;Sentinel LDK License Manager; C:\WINDOWS\system32\hasplms.exe [2015-09-24 4665168]
R2 ibtsiva;@oem23.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva []
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-11-30 373728]
R2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-05-19 7680]
R2 kkgbrokerproxy;KaVo Kerr Group Broker Proxy; C:\Program Files (x86)\PaloDEx Group\IAM\broker_proxy.exe [2017-11-15 10382648]
R2 kkgdevicebroker;KaVo Kerr Group Device Broker; C:\Program Files (x86)\PaloDEx Group\IAM\nci_broker.exe [2017-11-30 2820920]
R2 kkgdiscovery;kkgdiscovery; C:\Program Files (x86)\KaVo Kerr Group\Discovery Service\mDNSResponder.exe [2017-06-29 487424]
R2 kkggxs700service;KaVo Kerr Group GXS-700 Service; C:\Program Files (x86)\PaloDEx Group\IAM\gxs-700_service.exe [2017-12-14 4034360]
R2 kkgmdnsdiscovery;KaVo Kerr Group mDNSDiscovery; C:\Program Files (x86)\PaloDEx Group\IAM\mDNSDiscovery.exe [2017-12-11 4938040]
R2 kkgsnapshotservice;KaVo Kerr Group Snapshot service; C:\Program Files (x86)\Palodex Group\IAM\kkg_snapshot_usb.exe [2018-02-14 233280]
R2 NetTimeSvc;NetTime; C:\Program Files (x86)\NetTime\NetTimeService.exe [2012-05-12 473088]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20 764896]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2016-12-11 459832]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-05-20 630240]
R2 OneSyncSvc_b19a5;Hostitel synchronizace_b19a5; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 OODefragAgent;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2017-04-26 1740864]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2017-02-13 157600]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-05-20 43648]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 PimIndexMaintenanceSvc_b19a5;Data kontaktů_b19a5; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-12 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2018-06-30 117376]
S2 NetTcpActivator;@C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-04-12 136296]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-14 335872]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-04-12 52832]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BcastDVRUserService_b19a5;Uživatelská služba pro GameDVR a vysílání her_b19a5; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService_b19a5;Služba pro podporu uživatelů Bluetooth_b19a5; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 cgm.brevir-1;cgm.brevir-1; D:\CGMSERVER\bin\brevir-1\cgm.brevir-1.exe [2017-05-15 265728]
S3 cgm.ebooking-1;cgm.ebooking-1; D:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe [2017-06-15 33888]
S3 cgm.etrzby-1;cgm.etrzby-1; D:\CGMSERVER\bin\etrzby-1\cgm.etrzby-1.exe [2017-05-19 22112]
S3 cgm.postgres;cgm.postgres; D:/CGMSERVER/bin/pgsql/bin/pg_ctl.exe runservice -N cgm.postgres -D D:/CGMSERVER/data/pgsql []
S3 cgm.servercore;cgm.servercore; D:\CGMSERVER\bin\core\cgm.servercore.exe [2016-12-15 51200]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-11-30 301536]
S3 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-11 136048]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-11 136048]
S3 DevActSvc;Device Activation Service; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [2018-06-05 326032]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicePickerUserSvc_b19a5;DevicePicker_b19a5; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc_b19a5;Tok zařízení_b19a5; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-08-03 90624]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 EpsonScanSvc;Epson Scanner Service; C:\WINDOWS\system32\EscSvc64.exe [2012-05-17 144560]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2017-09-10 1606152]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2018-02-09 1074480]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-12 144200]
S3 HCS.MedConnect.Service;HCS.MedConnect.Service; D:\CGMSERVER\bin\medical-net\MedConnect\HCS.MedConnect.Service.exe [2016-11-03 46080]
S3 HCS.MEDCONNECT.SERVICEMANAGER;HCS.MEDCONNECT.SERVICEMANAGER; D:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe [2016-11-03 91648]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
S3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-05-19 335872]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-07-22 223520]
S3 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-07-22 415520]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 MessagingService_b19a5;Služba zasílání zpráv_b19a5; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-08-08 194512]
S3 MyEpson Portal Service;MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [2017-06-28 714712]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2017-02-13 268704]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20 764896]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-14 161472]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-14 187072]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc_b19a5;PrintWorkflow_b19a5; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-04-14 389896]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-14 82128]
S4 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [2015-05-31 71168]
S4 ASUSGiftBoxDekstop;Asus GiftBox Desktop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [2015-07-20 315704]
S4 EaseUS Agent;EaseUS Agent Service; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [2015-12-10 36904]
S4 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2018-06-30 117376]
S4 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prevence po dlouhe dobe
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: prevence po dlouhe dobe
Krasny den Vam preju 
V ramci cisteni Vam budou vyprazdneny docasne adresare (vysypani Kose a tempu, vyprazdneni cache prohlizecu apod.).
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
V ramci cisteni Vam budou vyprazdneny docasne adresare (vysypani Kose a tempu, vyprazdneni cache prohlizecu apod.). Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
- ukoncete vsechny programy
- odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
- kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
- kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
- po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: prevence po dlouhe dobe
Zde je log z Adware:
--------------------------------------------------------
# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.0
# -------------------------------
# Build: 09-03-2018
# Database: 2018-09-01.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-03-2018
# Duration: 00:00:09
# OS: Windows 10 Home
# Cleaned: 48
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\qwertysearch123.biz
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\quertysearch123.biz
Deleted HKCU\SOFTWARE\37E90DB90B3E54F4E45CC68A64957C4A
Deleted HKLM\Software\Wow6432Node\37E90DB90B3E54F4E45CC68A64957C4A
Deleted HKLM\SOFTWARE\37E90DB90B3E54F4E45CC68A64957C4A
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\defaultsearch.com
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\mywebsearch.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchnow.ws
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\mysearchnow.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\youfindall.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\youfindall.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\hotbar.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\isearch.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\get-search.cc
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearchresults.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearcher.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearchbar.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearch247.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\whatsyoursearch.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\resultsyoursearch.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\crawlermachine.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\nicecodec.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\niceblowjob.info
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\fucknicepics.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\codecnice.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\ifinditall.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\icanfindit.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\findit-now.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\clearask.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchengine2000.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\best-searchengine.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\adultdatingsearchengine.com
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\http602.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\you-search.com.ru
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\you-search.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bestcrawler.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\tangounion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\search-web.us
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchoutlaw.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\digistreamsa.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchable-sex.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\securesurface.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\easy-search.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\startravelsnp.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchproject.net
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [7325 octets] - [03/09/2018 20:40:26]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
--------------------------------------------------------
# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.0
# -------------------------------
# Build: 09-03-2018
# Database: 2018-09-01.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-03-2018
# Duration: 00:00:09
# OS: Windows 10 Home
# Cleaned: 48
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\qwertysearch123.biz
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\quertysearch123.biz
Deleted HKCU\SOFTWARE\37E90DB90B3E54F4E45CC68A64957C4A
Deleted HKLM\Software\Wow6432Node\37E90DB90B3E54F4E45CC68A64957C4A
Deleted HKLM\SOFTWARE\37E90DB90B3E54F4E45CC68A64957C4A
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\defaultsearch.com
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\mywebsearch.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchnow.ws
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\mysearchnow.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\youfindall.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\youfindall.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\hotbar.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\isearch.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\get-search.cc
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearchresults.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearcher.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearchbar.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearch247.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\whatsyoursearch.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\resultsyoursearch.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\crawlermachine.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\nicecodec.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\niceblowjob.info
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\fucknicepics.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\codecnice.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\ifinditall.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\icanfindit.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\findit-now.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\clearask.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchengine2000.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\best-searchengine.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\adultdatingsearchengine.com
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\http602.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\you-search.com.ru
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\you-search.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bestcrawler.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\tangounion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\search-web.us
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchoutlaw.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\digistreamsa.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchable-sex.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\securesurface.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\easy-search.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\startravelsnp.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchproject.net
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [7325 octets] - [03/09/2018 20:40:26]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Re: prevence po dlouhe dobe
..oprava...z AdwCleaneru
Re: prevence po dlouhe dobe
V pořádku - já si to přeložil 
- Ulozte nejlepe na plochu FRST.exe/FRST64.exe - https://www.bleepingcomputer.com/downlo ... scan-tool/
- kliknete pravym mysitkem na stazeny FRST a vyberte Spustit jako spravce
- zkontrolujte, ze je zatrzena polozka Addition.txt v pravem dolnim rohu
- kliknete na Scan
- do pristich odpovedi (pravdepodobne se nevlezou do jedne) vlozte obsah vygenerovanych logu FRST.txt i Addition.txt
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: prevence po dlouhe dobe
log z FRST:
--------------------------------------------------------
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.09.2018 03
Ran by Markalous (administrator) on MARKALOUSOVO (04-09-2018 07:59:04)
Running from C:\Users\Markalous\Desktop
Loaded Profiles: Markalous & kavokerr_nci_user (Available Profiles: Markalous & kavokerr_nci_user & DefaultAppPool)
Platform: Windows 10 Home Version 1803 17134.228 (X64) Language: Czech (Czech Republic)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(PaloDEx Group Oy) C:\Program Files (x86)\PaloDEx Group\IAM\broker_proxy.exe
(KaVo Kerr.) C:\Program Files (x86)\KaVo Kerr Group\Discovery Service\mDNSResponder.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\PixelMaster Video HDR\DriverMFTService.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\DbxSvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(PaloDEx Group Oy) C:\Program Files (x86)\PaloDEx Group\IAM\gxs-700_service.exe
(PaloDEx Group Oy) C:\Program Files (x86)\PaloDEx Group\IAM\kkg_snapshot_usb.exe
() C:\Program Files (x86)\NetTime\NetTimeService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Monet+, a.s.) C:\Windows\SysWOW64\xmesrv.exe
(Palodex Group Oy) C:\Program Files (x86)\PaloDEx Group\IAM\mDNSDiscovery.exe
(PaloDEx Group Oy) C:\Program Files (x86)\PaloDEx Group\IAM\nci_broker.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(CompuGroup Medical Česká republika s.r.o.) D:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\NisSrv.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-11-13] (ELAN Microelectronics Corp.)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25382344 2016-09-20] (Dropbox, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2007-10-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [131360 2017-09-18] (Intel)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\MountPoints2: {21380089-d60d-11e5-9c1f-4c3488b4c12e} - "F:\AUTORUN.EXE"
HKU\S-1-5-21-1903383002-3755401707-383608710-1002\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
ShellExecuteHooks: No Name - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> No File
Startup: C:\Users\Markalous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk [2016-05-03]
ShortcutTarget: Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 127.0.0.1 secure.prepar3d.com
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{edad486c-8a2c-4582-88c1-d7a57ab2790c}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{edad486c-8a2c-4582-88c1-d7a57ab2790c}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-1903383002-3755401707-383608710-1001 -> DefaultScope {AE14A255-747F-4FF8-BA39-73E5007E2D6F} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-1903383002-3755401707-383608710-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1903383002-3755401707-383608710-1001 -> {AE14A255-747F-4FF8-BA39-73E5007E2D6F} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-05-15] (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-15] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-1903383002-3755401707-383608710-1001 -> hxxp://www.seznam.cz/
Edge Extension: (Translator For Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.44.0_neutral__8wekyb3d8bbwe [not found]
FireFox:
========
FF DefaultProfile: ksm22cvy.default-1492598722798-1528921544729
FF ProfilePath: C:\Users\Markalous\AppData\Roaming\Mozilla\Firefox\Profiles\ksm22cvy.default-1492598722798-1528921544729 [2018-09-04]
FF Homepage: Mozilla\Firefox\Profiles\ksm22cvy.default-1492598722798-1528921544729 -> hxxps://www.seznam.cz/
FF Extension: (Ceska sporitelna Client certificate) - C:\Users\Markalous\AppData\Roaming\Mozilla\Firefox\Profiles\ksm22cvy.default-1492598722798-1528921544729\Extensions\mci_msg_prod@csas.cz.xpi [2018-08-20]
FF Extension: (Google Translator for Firefox) - C:\Users\Markalous\AppData\Roaming\Mozilla\Firefox\Profiles\ksm22cvy.default-1492598722798-1528921544729\Extensions\translator@zoli.bod.xpi [2018-06-13]
FF Extension: (uBlock Origin) - C:\Users\Markalous\AppData\Roaming\Mozilla\Firefox\Profiles\ksm22cvy.default-1492598722798-1528921544729\Extensions\uBlock0@raymondhill.net.xpi [2018-08-27]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2018-07-11] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-08-14] ()
FF Plugin: @cuminas.jp/DjVuPlugin -> C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-15] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-08-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1228198.dll [2017-02-27] (Adobe Systems, Inc.)
FF Plugin-x32: @cuminas.jp/DjVuPlugin -> C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1903383002-3755401707-383608710-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1903383002-3755401707-383608710-1001: @servis24.cz/PKIComponent -> C:\Users\Markalous\AppData\Roaming\CSAS\lib\x86\npPKIComponentNPAPI.dll [2018-04-30] (Česká spořitelna, a.s.)
FF Plugin HKU\S-1-5-21-1903383002-3755401707-383608710-1001: @servis24.cz/PKIComponent-x64 -> C:\Users\Markalous\AppData\Roaming\CSAS\lib\x64\npPKIComponentNPAPI.dll [2016-03-29] (Česká spořitelna, a.s.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default [2018-09-03]
CHR Extension: (Prezentace) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-29]
CHR Extension: (Dokumenty) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-29]
CHR Extension: (Disk Google) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-12]
CHR Extension: (YouTube) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-12]
CHR Extension: (Vyhledávání Google) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-12]
CHR Extension: (Tabulky) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2017-10-29]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-10-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-29]
CHR Extension: (Hola - Unlimited Proxy VPN) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\opalpjjboefohnelaemnhdhlceibbcgl [2016-02-06]
CHR Extension: (Gmail) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-12]
CHR Extension: (Chrome Media Router) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-29]
CHR HKU\S-1-5-21-1903383002-3755401707-383608710-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168 2015-05-31] (ASUS Cloud Corporation) [File not signed]
S4 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [315704 2015-07-20] (ASUS)
S3 cgm.brevir-1; D:\CGMSERVER\bin\brevir-1\cgm.brevir-1.exe [265728 2017-05-15] () [File not signed]
S3 cgm.ebooking-1; D:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe [33888 2017-06-15] (Microsoft) [File not signed]
R2 cgm.ecommunication-1; D:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe [88416 2018-05-21] (CompuGroup Medical Česká republika s.r.o.)
S3 cgm.etrzby-1; D:\CGMSERVER\bin\etrzby-1\cgm.etrzby-1.exe [22112 2017-05-19] (CompuGroup Medical Česká republika s.r.o.) [File not signed]
S3 cgm.servercore; D:\CGMSERVER\bin\core\cgm.servercore.exe [51200 2016-12-15] (CGM) [File not signed]
S3 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-11] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-11] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42792 2016-09-20] (Windows (R) Win 7 DDK provider)
S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] ()
R2 DriverMFTService; C:\Program Files (x86)\Asus\PixelMaster Video HDR\DriverMFTService.exe [20992 2015-05-19] (ASUSTek Computer Inc.) [File not signed]
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [22816 2017-09-18] (Intel)
S4 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36904 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-11-13] (ELAN Microelectronics Corp.)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [4665168 2015-09-24] (SafeNet Inc.)
S3 HCS.MedConnect.Service; D:\CGMSERVER\bin\medical-net\MedConnect\HCS.MedConnect.Service.exe [46080 2016-11-03] (HCS GmbH) [File not signed]
S3 HCS.MEDCONNECT.SERVICEMANAGER; D:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe [91648 2016-11-03] (HCS GmbH) [File not signed]
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515768 2017-03-10] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-22] (Intel Corporation)
R2 kkgbrokerproxy; C:\Program Files (x86)\PaloDEx Group\IAM\broker_proxy.exe [10382648 2017-11-15] (PaloDEx Group Oy)
R2 kkgdevicebroker; C:\Program Files (x86)\PaloDEx Group\IAM\nci_broker.exe [2820920 2017-11-30] (PaloDEx Group Oy)
R2 kkgdiscovery; C:\Program Files (x86)\KaVo Kerr Group\Discovery Service\mDNSResponder.exe [487424 2017-06-29] (KaVo Kerr.) [File not signed]
R2 kkggxs700service; C:\Program Files (x86)\PaloDEx Group\IAM\gxs-700_service.exe [4034360 2017-12-14] (PaloDEx Group Oy)
R2 kkgmdnsdiscovery; C:\Program Files (x86)\PaloDEx Group\IAM\mDNSDiscovery.exe [4938040 2017-12-11] (Palodex Group Oy)
R2 kkgsnapshotservice; C:\Program Files (x86)\Palodex Group\IAM\kkg_snapshot_usb.exe [233280 2018-02-14] (PaloDEx Group Oy)
S3 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (Seiko Epson Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2017-02-13] ()
R2 NetTimeSvc; C:\Program Files (x86)\NetTime\NetTimeService.exe [473088 2012-05-12] () [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1740864 2017-04-26] (O&O Software GmbH)
S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 SAService; C:\Windows\system32\SAsrv.exe [427224 2015-04-17] (Conexant Systems, Inc.)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-07-31] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-07-31] (Microsoft Corporation)
R2 xmengine service; C:\WINDOWS\SysWoW64\xmesrv.exe [34696 2009-10-09] (Monet+, a.s.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3743648 2017-02-13] (Intel® Corporation)
S3 cgm.postgres; D:/CGMSERVER/bin/pgsql/bin/pg_ctl.exe runservice -N "cgm.postgres" -D "D:/CGMSERVER/data/pgsql" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [29696 2016-03-02] (LG Electronics Inc.) [File not signed]
S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [30720 2016-03-02] (LG Electronics Inc.) [File not signed]
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [37376 2016-03-02] (LG Electronics Inc.) [File not signed]
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUS Corporation)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [310728 2016-04-28] ()
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18528 2014-11-18] () [File not signed]
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14944 2014-11-18] () [File not signed]
R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [60968 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [48168 2015-12-10] () [File not signed]
R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [18472 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [192552 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2014-11-18] () [File not signed]
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] () [File not signed]
S3 GemCCID; C:\WINDOWS\System32\drivers\GemCCID.sys [130944 2014-11-10] (Gemalto)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [350552 2015-09-24] (SafeNet Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-04-09] (REALiX(tm))
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [243208 2017-03-10] (Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-26] (Intel Corporation)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [42696 2016-04-28] ()
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
R1 MpKslc60dc389; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{61D0C98E-2A9B-4DB3-A7B9-7F702D299B67}\MpKslc60dc389.sys [58120 2018-09-03] (Microsoft Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2018-04-12] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_05db8c39344e07a5\nvlddmkm.sys [17212744 2018-08-22] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
S3 PcaSp50a64; C:\WINDOWS\System32\Drivers\PcaSp50a64.sys [41280 2018-02-14] (Printing Communications Assoc., Inc. (PCAUSA))
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [758488 2016-06-12] (Realsil Semiconductor Corporation)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42600 2016-05-14] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-11-10] (Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46584 2018-07-31] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [340008 2018-07-31] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-07-31] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-04 07:59 - 2018-09-04 08:00 - 000030688 _____ C:\Users\Markalous\Desktop\FRST.txt
2018-09-04 07:58 - 2018-09-04 07:58 - 002413056 _____ (Farbar) C:\Users\Markalous\Desktop\FRST64.exe
2018-09-04 07:54 - 2018-09-04 07:54 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-09-03 23:37 - 2018-08-21 12:14 - 000083440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-09-03 23:35 - 2018-08-22 18:14 - 001420648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-09-03 23:35 - 2018-08-22 18:14 - 001093640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-09-03 23:35 - 2018-08-22 18:14 - 000628560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-09-03 23:35 - 2018-08-22 18:14 - 000518832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-09-03 23:35 - 2018-08-22 18:13 - 040348400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-09-03 23:35 - 2018-08-22 18:13 - 035251600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-09-03 23:35 - 2018-08-22 18:13 - 004354208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-09-03 23:35 - 2018-08-22 18:13 - 003770072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-09-03 23:35 - 2018-08-22 18:13 - 002016600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439907.dll
2018-09-03 23:35 - 2018-08-22 18:13 - 001564496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-09-03 23:35 - 2018-08-22 18:13 - 001469144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439907.dll
2018-09-03 23:35 - 2018-08-22 18:13 - 001218056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 031252104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 025967968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 017756392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 015170608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 013733544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 011277848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 004858000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 004128112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 001350792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 001160520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 001067288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 000908032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 000817800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 000656352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-09-03 23:35 - 2018-08-21 14:16 - 000044335 _____ C:\WINDOWS\system32\nvinfo.pb
2018-09-03 23:20 - 2018-09-03 23:20 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-03 23:20 - 2018-09-03 23:20 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-03 23:19 - 2018-09-03 23:37 - 000000000 ____D C:\WINDOWS\LastGood
2018-09-03 23:19 - 2018-09-03 23:19 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-03 23:19 - 2018-09-03 23:19 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-03 23:19 - 2018-09-03 23:19 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-03 23:19 - 2018-09-03 23:19 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-03 23:19 - 2018-09-03 23:19 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-03 23:19 - 2018-09-03 23:19 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-03 23:19 - 2018-09-03 23:19 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-03 23:19 - 2018-09-03 23:19 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-03 23:19 - 2018-09-03 23:19 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-03 23:18 - 2018-06-08 03:59 - 000069544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2018-09-03 23:18 - 2018-04-24 19:29 - 000065792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2018-09-03 23:14 - 2018-09-03 23:14 - 000314341 _____ C:\Users\Markalous\Desktop\aicullv11.zip
2018-09-03 12:00 - 2018-09-03 12:00 - 000003694 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2018-09-03 12:00 - 2018-09-03 12:00 - 000003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2018-09-01 21:58 - 2018-09-01 22:15 - 000000000 ____D C:\Users\Markalous\Downloads\Navigraph AIRAC 1809
2018-08-23 23:25 - 2018-08-23 23:25 - 323558781 _____ C:\Users\Markalous\Desktop\Brac2018.mp4
2018-08-17 13:18 - 2012-04-19 14:28 - 001169517 _____ C:\Users\Markalous\Desktop\Passing Smoke.mp4
2018-08-15 14:01 - 2018-08-15 14:01 - 000001942 _____ C:\Users\Public\Desktop\PC DENT.lnk
2018-08-15 12:22 - 2018-08-06 17:19 - 000836480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-08-15 12:22 - 2018-08-06 17:19 - 000181120 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-08-15 12:21 - 2018-08-15 12:21 - 000000000 ____D C:\WINDOWS\PCHEALTH
2018-08-15 12:13 - 2018-08-03 10:39 - 021389368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-08-15 12:13 - 2018-08-03 10:22 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-08-15 12:13 - 2018-08-03 10:21 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-08-15 12:13 - 2018-08-03 10:21 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-08-15 12:13 - 2018-08-03 10:20 - 004049408 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-08-15 12:13 - 2018-08-03 10:20 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-08-15 12:13 - 2018-08-03 10:19 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-08-15 12:13 - 2018-08-03 09:43 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-08-15 12:13 - 2018-08-03 09:28 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-08-15 12:13 - 2018-08-03 09:27 - 004050432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2018-08-15 12:13 - 2018-08-03 09:27 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-08-15 12:13 - 2018-08-03 05:47 - 001034624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-08-15 12:13 - 2018-08-03 05:40 - 001221048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-08-15 12:13 - 2018-08-03 05:40 - 001030952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-08-15 12:13 - 2018-08-03 05:39 - 009091480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-08-15 12:13 - 2018-08-03 05:39 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-08-15 12:13 - 2018-08-03 05:39 - 007436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-08-15 12:13 - 2018-08-03 05:39 - 002829216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-08-15 12:13 - 2018-08-03 05:39 - 001457136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-08-15 12:13 - 2018-08-03 05:38 - 002765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-08-15 12:13 - 2018-08-03 05:38 - 001945792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-08-15 12:13 - 2018-08-03 05:38 - 001258288 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-08-15 12:13 - 2018-08-03 05:38 - 001140576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-08-15 12:13 - 2018-08-03 05:38 - 000983016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-08-15 12:13 - 2018-08-03 05:26 - 006043600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-08-15 12:13 - 2018-08-03 05:25 - 006568784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-08-15 12:13 - 2018-08-03 05:25 - 002255008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-08-15 12:13 - 2018-08-03 05:25 - 001622296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-08-15 12:13 - 2018-08-03 05:25 - 000539168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2018-08-15 12:13 - 2018-08-03 05:23 - 025846784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-08-15 12:13 - 2018-08-03 05:18 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-08-15 12:13 - 2018-08-03 05:18 - 022007808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-08-15 12:13 - 2018-08-03 05:17 - 004380160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-08-15 12:13 - 2018-08-03 05:15 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-08-15 12:13 - 2018-08-03 05:14 - 004867584 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-08-15 12:13 - 2018-08-03 05:13 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-08-15 12:13 - 2018-08-03 05:13 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-08-15 12:13 - 2018-08-03 05:13 - 003395072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-08-15 12:13 - 2018-08-03 05:12 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-08-15 12:13 - 2018-08-03 05:12 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-08-15 12:13 - 2018-08-03 05:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-08-15 12:13 - 2018-08-03 05:11 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-08-15 12:13 - 2018-08-03 05:11 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-08-15 12:13 - 2018-08-03 05:11 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-08-15 12:13 - 2018-08-03 05:11 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-08-15 12:13 - 2018-08-03 05:11 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-08-15 12:13 - 2018-08-03 05:11 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-08-15 12:13 - 2018-08-03 05:09 - 005776896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-08-15 12:13 - 2018-08-03 05:09 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-08-15 12:13 - 2018-08-03 05:09 - 001932288 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeangle.dll
2018-08-15 12:13 - 2018-08-03 05:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-08-15 12:13 - 2018-08-03 05:09 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-08-15 12:13 - 2018-08-03 05:09 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-08-15 12:13 - 2018-08-03 05:09 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-08-15 12:13 - 2018-08-03 05:09 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-08-15 12:13 - 2018-08-03 05:08 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-08-15 12:13 - 2018-08-03 05:08 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-08-15 12:13 - 2018-08-03 05:08 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-08-15 12:13 - 2018-08-03 05:08 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-08-15 12:13 - 2018-08-03 05:08 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-08-15 12:13 - 2018-08-03 05:07 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-08-15 12:13 - 2018-08-03 05:06 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-08-15 12:13 - 2018-08-03 05:06 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-08-15 12:13 - 2018-08-03 05:05 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-08-15 12:13 - 2018-08-03 05:05 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-08-15 12:13 - 2018-07-15 02:56 - 001523240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-08-15 12:13 - 2018-07-15 02:44 - 006587392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-08-15 12:13 - 2018-07-15 02:43 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-08-15 12:13 - 2018-07-15 02:42 - 008624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-08-15 12:13 - 2018-07-15 02:42 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-08-15 12:13 - 2018-07-15 02:39 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-08-15 12:13 - 2018-07-15 02:38 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-08-15 12:13 - 2018-07-15 02:38 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-08-15 12:13 - 2018-07-15 01:28 - 001327424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-08-15 12:13 - 2018-07-15 01:18 - 005657600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-08-15 12:13 - 2018-07-15 01:17 - 011901440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-08-15 12:13 - 2018-07-15 01:15 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-08-15 12:13 - 2018-07-14 08:46 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-08-15 12:13 - 2018-07-14 08:42 - 019525632 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-08-15 12:13 - 2018-07-14 06:23 - 000760888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-08-15 12:13 - 2018-07-14 06:22 - 006813744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-08-15 12:13 - 2018-07-14 06:22 - 001144664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-08-15 12:13 - 2018-07-14 06:22 - 000510392 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-08-15 12:13 - 2018-07-14 06:19 - 002535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-08-15 12:13 - 2018-07-14 06:19 - 001946752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-08-15 12:13 - 2018-07-14 06:19 - 000981920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-08-15 12:13 - 2018-07-14 06:19 - 000483024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-08-15 12:13 - 2018-07-14 06:18 - 002563984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-08-15 12:13 - 2018-07-14 06:18 - 002371416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-08-15 12:13 - 2018-07-14 06:18 - 001017584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-08-15 12:13 - 2018-07-14 06:18 - 000930712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-08-15 12:13 - 2018-07-14 06:18 - 000613176 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-08-15 12:13 - 2018-07-14 06:17 - 006527056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-08-15 12:13 - 2018-07-14 06:17 - 002420632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-08-15 12:13 - 2018-07-14 06:17 - 000743320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-08-15 12:13 - 2018-07-14 06:16 - 002331576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-08-15 12:13 - 2018-07-14 06:16 - 001143096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-08-15 12:13 - 2018-07-14 06:16 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2018-08-15 12:13 - 2018-07-14 06:15 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-08-15 12:13 - 2018-07-14 06:15 - 001174552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-08-15 12:13 - 2018-07-14 06:01 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-08-15 12:13 - 2018-07-14 05:59 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-08-15 12:13 - 2018-07-14 05:59 - 005883392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-08-15 12:13 - 2018-07-14 05:59 - 003553280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-08-15 12:13 - 2018-07-14 05:57 - 007057920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-08-15 12:13 - 2018-07-14 05:57 - 004331008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-08-15 12:13 - 2018-07-14 05:56 - 004559872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-08-15 12:13 - 2018-07-14 05:56 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-08-15 12:13 - 2018-07-14 05:56 - 002697216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Controls.dll
2018-08-15 12:13 - 2018-07-14 05:56 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-08-15 12:13 - 2018-07-14 05:55 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-08-15 12:13 - 2018-07-14 05:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2018-08-15 12:13 - 2018-07-14 05:54 - 003319808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-08-15 12:13 - 2018-07-14 05:54 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-08-15 12:13 - 2018-07-14 05:54 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-08-15 12:13 - 2018-07-14 05:54 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-08-15 12:13 - 2018-07-14 05:54 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-08-15 12:13 - 2018-07-14 05:53 - 004770816 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-08-15 12:13 - 2018-07-14 05:53 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-08-15 12:13 - 2018-07-14 05:53 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-08-15 12:13 - 2018-07-14 05:53 - 001825792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-08-15 12:13 - 2018-07-14 05:53 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2018-08-15 12:13 - 2018-07-14 05:53 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-08-15 12:13 - 2018-07-14 05:53 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
2018-08-15 12:13 - 2018-07-14 05:53 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-08-15 12:13 - 2018-07-14 05:52 - 000790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2018-08-15 12:13 - 2018-07-14 05:52 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-08-15 12:13 - 2018-07-14 05:51 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2018-08-15 12:13 - 2018-07-14 05:51 - 002904576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-08-15 12:13 - 2018-07-14 05:51 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-08-15 12:13 - 2018-07-14 05:51 - 001304064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-08-15 12:13 - 2018-07-14 05:50 - 001773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2018-08-15 12:13 - 2018-07-14 05:50 - 001457664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-08-15 12:13 - 2018-07-14 05:50 - 001359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2018-08-15 12:13 - 2018-07-14 05:50 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-08-15 12:13 - 2018-07-14 05:50 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-08-15 12:13 - 2018-07-14 05:50 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-08-15 12:13 - 2018-07-14 05:50 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-08-15 12:13 - 2018-07-14 05:49 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-08-15 12:12 - 2018-08-03 10:39 - 000790304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-08-15 12:12 - 2018-08-03 10:25 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-08-15 12:12 - 2018-08-03 10:25 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-08-15 12:12 - 2018-08-03 10:24 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2018-08-15 12:12 - 2018-08-03 10:24 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2018-08-15 12:12 - 2018-08-03 10:24 - 000046592 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-08-15 12:12 - 2018-08-03 10:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-08-15 12:12 - 2018-08-03 10:21 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-08-15 12:12 - 2018-08-03 10:20 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2018-08-15 12:12 - 2018-08-03 09:45 - 000663128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-08-15 12:12 - 2018-08-03 09:33 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-08-15 12:12 - 2018-08-03 09:33 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-08-15 12:12 - 2018-08-03 09:32 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2018-08-15 12:12 - 2018-08-03 09:30 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2018-08-15 12:12 - 2018-08-03 09:29 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-08-15 12:12 - 2018-08-03 09:29 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-08-15 12:12 - 2018-08-03 07:41 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-08-15 12:12 - 2018-08-03 06:49 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-08-15 12:12 - 2018-08-03 05:47 - 000128920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2018-08-15 12:12 - 2018-08-03 05:46 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-08-15 12:12 - 2018-08-03 05:46 - 000269248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-08-15 12:12 - 2018-08-03 05:41 - 000568600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-08-15 12:12 - 2018-08-03 05:41 - 000077608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-08-15 12:12 - 2018-08-03 05:41 - 000061736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2018-08-15 12:12 - 2018-08-03 05:40 - 001064744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-08-15 12:12 - 2018-08-03 05:40 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-08-15 12:12 - 2018-08-03 05:40 - 000228136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ucx01000.sys
2018-08-15 12:12 - 2018-08-03 05:40 - 000136488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-08-15 12:12 - 2018-08-03 05:40 - 000072800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-08-15 12:12 - 2018-08-03 05:39 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-08-15 12:12 - 2018-08-03 05:39 - 000692240 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2018-08-15 12:12 - 2018-08-03 05:39 - 000170936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-08-15 12:12 - 2018-08-03 05:39 - 000114080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-08-15 12:12 - 2018-08-03 05:39 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2018-08-15 12:12 - 2018-08-03 05:39 - 000031648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2018-08-15 12:12 - 2018-08-03 05:38 - 001285536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-08-15 12:12 - 2018-08-03 05:38 - 001097648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-08-15 12:12 - 2018-08-03 05:38 - 000885856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-08-15 12:12 - 2018-08-03 05:38 - 000713368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-08-15 12:12 - 2018-08-03 05:38 - 000604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-08-15 12:12 - 2018-08-03 05:38 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-08-15 12:12 - 2018-08-03 05:38 - 000115640 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2018-08-15 12:12 - 2018-08-03 05:27 - 000061032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-08-15 12:12 - 2018-08-03 05:25 - 001131064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-08-15 12:12 - 2018-08-03 05:25 - 000583120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-08-15 12:12 - 2018-08-03 05:25 - 000568568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-08-15 12:12 - 2018-08-03 05:17 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgid.sys
2018-08-15 12:12 - 2018-08-03 05:16 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-08-15 12:12 - 2018-08-03 05:16 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2018-08-15 12:12 - 2018-08-03 05:15 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2018-08-15 12:12 - 2018-08-03 05:14 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2018-08-15 12:12 - 2018-08-03 05:14 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-08-15 12:12 - 2018-08-03 05:14 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2018-08-15 12:12 - 2018-08-03 05:13 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-08-15 12:12 - 2018-08-03 05:13 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-08-15 12:12 - 2018-08-03 05:12 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2018-08-15 12:12 - 2018-08-03 05:12 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-08-15 12:12 - 2018-08-03 05:12 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-08-15 12:12 - 2018-08-03 05:11 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-08-15 12:12 - 2018-08-03 05:11 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-08-15 12:12 - 2018-08-03 05:10 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-08-15 12:12 - 2018-08-03 05:10 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2018-08-15 12:12 - 2018-08-03 05:09 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-08-15 12:12 - 2018-08-03 05:08 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-08-15 12:12 - 2018-08-03 05:08 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2018-08-15 12:12 - 2018-08-03 05:08 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-08-15 12:12 - 2018-08-03 05:08 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-08-15 12:12 - 2018-08-03 05:08 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-08-15 12:12 - 2018-08-03 05:08 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-08-15 12:12 - 2018-08-03 05:07 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-08-15 12:12 - 2018-08-03 05:07 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-08-15 12:12 - 2018-08-03 05:07 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-08-15 12:12 - 2018-08-03 05:06 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-08-15 12:12 - 2018-08-03 05:06 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-08-15 12:12 - 2018-08-03 05:06 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-08-15 12:12 - 2018-08-03 05:06 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-08-15 12:12 - 2018-08-03 05:05 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-08-15 12:12 - 2018-08-03 05:04 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-08-15 12:12 - 2018-08-03 03:54 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-08-15 12:12 - 2018-07-15 02:58 - 000094112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-08-15 12:12 - 2018-07-15 02:44 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-08-15 12:12 - 2018-07-15 02:41 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-08-15 12:12 - 2018-07-15 02:41 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2018-08-15 12:12 - 2018-07-15 02:39 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-08-15 12:12 - 2018-07-15 02:38 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-08-15 12:12 - 2018-07-15 02:38 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-08-15 12:12 - 2018-07-15 02:36 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-08-15 12:12 - 2018-07-15 01:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2018-08-15 12:12 - 2018-07-15 01:13 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-08-15 12:12 - 2018-07-15 01:13 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-08-15 12:12 - 2018-07-15 01:13 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-08-15 12:12 - 2018-07-15 01:13 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-08-15 12:12 - 2018-07-15 01:11 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-08-15 12:12 - 2018-07-14 06:37 - 000375712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-08-15 12:12 - 2018-07-14 06:37 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-08-15 12:12 - 2018-07-14 06:22 - 000203560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2018-08-15 12:12 - 2018-07-14 06:21 - 000722824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-08-15 12:12 - 2018-07-14 06:21 - 000192920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2018-08-15 12:12 - 2018-07-14 06:20 - 000184472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2018-08-15 12:12 - 2018-07-14 06:19 - 000636944 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-08-15 12:12 - 2018-07-14 06:18 - 000443216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-08-15 12:12 - 2018-07-14 06:18 - 000376216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2018-08-15 12:12 - 2018-07-14 06:15 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-08-15 12:12 - 2018-07-14 05:58 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2018-08-15 12:12 - 2018-07-14 05:58 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-08-15 12:12 - 2018-07-14 05:58 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-08-15 12:12 - 2018-07-14 05:57 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-08-15 12:12 - 2018-07-14 05:57 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-08-15 12:12 - 2018-07-14 05:56 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-08-15 12:12 - 2018-07-14 05:56 - 001703936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Controls.dll
2018-08-15 12:12 - 2018-07-14 05:56 - 001558016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-08-15 12:12 - 2018-07-14 05:56 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-08-15 12:12 - 2018-07-14 05:56 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2018-08-15 12:12 - 2018-07-14 05:56 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2018-08-15 12:12 - 2018-07-14 05:56 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2018-08-15 12:12 - 2018-07-14 05:56 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll
2018-08-15 12:12 - 2018-07-14 05:55 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2018-08-15 12:12 - 2018-07-14 05:55 - 000993792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-08-15 12:12 - 2018-07-14 05:55 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-08-15 12:12 - 2018-07-14 05:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-08-15 12:12 - 2018-07-14 05:55 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2018-08-15 12:12 - 2018-07-14 05:55 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2018-08-15 12:12 - 2018-07-14 05:55 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2018-08-15 12:12 - 2018-07-14 05:55 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-08-15 12:12 - 2018-07-14 05:55 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-08-15 12:12 - 2018-07-14 05:55 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2018-08-15 12:12 - 2018-07-14 05:55 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-08-15 12:12 - 2018-07-14 05:55 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-08-15 12:12 - 2018-07-14 05:55 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2018-08-15 12:12 - 2018-07-14 05:55 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-08-15 12:12 - 2018-07-14 05:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2018-08-15 12:12 - 2018-07-14 05:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-08-15 12:12 - 2018-07-14 05:54 - 001537024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2018-08-15 12:12 - 2018-07-14 05:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-08-15 12:12 - 2018-07-14 05:54 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2018-08-15 12:12 - 2018-07-14 05:54 - 000603648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2018-08-15 12:12 - 2018-07-14 05:54 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-08-15 12:12 - 2018-07-14 05:54 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-08-15 12:12 - 2018-07-14 05:54 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2018-08-15 12:12 - 2018-07-14 05:54 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2018-08-15 12:12 - 2018-07-14 05:54 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2018-08-15 12:12 - 2018-07-14 05:54 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2018-08-15 12:12 - 2018-07-14 05:54 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2018-08-15 12:12 - 2018-07-14 05:54 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\EasPolicyManagerBrokerPS.dll
2018-08-15 12:12 - 2018-07-14 05:53 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-08-15 12:12 - 2018-07-14 05:53 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-08-15 12:12 - 2018-07-14 05:53 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-08-15 12:12 - 2018-07-14 05:53 - 000220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-08-15 12:12 - 2018-07-14 05:52 - 000972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-08-15 12:12 - 2018-07-14 05:52 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-08-15 12:12 - 2018-07-14 05:52 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2018-08-15 12:12 - 2018-07-14 05:51 - 001747968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-08-15 12:12 - 2018-07-14 05:51 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2018-08-15 12:12 - 2018-07-14 05:51 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-08-15 12:12 - 2018-07-14 05:50 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-08-15 12:12 - 2018-07-14 05:50 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-08-15 12:12 - 2018-07-14 05:50 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-08-15 12:12 - 2018-07-14 05:49 - 001069568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-08-15 12:12 - 2018-07-13 06:30 - 002718624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-08-13 13:39 - 2018-08-13 13:39 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1903383002-3755401707-383608710-1001
2018-08-13 13:39 - 2018-08-13 13:39 - 000002421 _____ C:\Users\Markalous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-04 07:59 - 2017-03-15 23:34 - 000000000 ____D C:\FRST
2018-09-04 07:57 - 2016-11-16 14:00 - 000000000 ____D C:\Users\Markalous\AppData\LocalLow\Mozilla
2018-09-04 07:56 - 2017-05-23 08:30 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-04 07:55 - 2017-08-09 17:29 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2018-09-04 07:54 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-09-04 07:54 - 2015-11-11 20:41 - 000000000 __SHD C:\Users\Markalous\IntelGraphicsProfiles
2018-09-03 23:38 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-09-03 23:38 - 2016-03-21 10:00 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-09-03 23:37 - 2017-05-23 08:30 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-09-03 23:37 - 2015-11-14 10:30 - 000000000 ____D C:\Users\Markalous\AppData\Roaming\NVIDIA
2018-09-03 23:22 - 2018-05-20 12:35 - 001955780 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-09-03 23:22 - 2018-04-12 17:50 - 000809390 _____ C:\WINDOWS\system32\perfh005.dat
2018-09-03 23:22 - 2018-04-12 17:50 - 000186598 _____ C:\WINDOWS\system32\perfc005.dat
2018-09-03 23:20 - 2017-05-23 08:30 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-09-03 23:20 - 2017-05-23 08:30 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-09-03 23:20 - 2017-05-05 07:56 - 000001477 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-09-03 22:44 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-09-03 22:29 - 2018-05-20 12:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-09-03 22:09 - 2017-05-22 23:11 - 001388432 _____ C:\Users\Public\VOIP.dat
2018-09-03 22:02 - 2015-10-24 22:06 - 000000000 ____D C:\ProgramData\Temp
2018-09-03 21:58 - 2018-05-28 23:38 - 000000000 ____D C:\Users\Markalous\Documents\Flight Simulator X Files
2018-09-03 21:36 - 2018-02-09 11:04 - 000000000 ____D C:\ProgramData\PaloDEx Group
2018-09-03 21:03 - 2015-11-13 01:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-09-03 20:54 - 2015-11-13 01:28 - 137343192 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-09-03 20:43 - 2018-05-20 12:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-09-03 20:42 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-09-03 20:40 - 2016-02-05 20:16 - 000000000 ____D C:\AdwCleaner
2018-09-03 20:39 - 2015-11-12 01:15 - 000000000 ____D C:\Users\Markalous\Desktop\Údržba
2018-09-03 12:35 - 2018-02-14 15:44 - 000000000 ____D C:\VXIMAGES
2018-09-03 12:34 - 2018-02-14 15:07 - 000000000 ____D C:\VixTemp
2018-09-03 12:33 - 2016-02-14 12:50 - 000000000 ____D C:\Users\Markalous\Desktop\OPG
2018-09-03 10:05 - 2016-02-05 12:18 - 000000000 ____D C:\Program Files\trend micro
2018-09-03 10:00 - 2017-10-05 17:38 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2018-09-03 09:51 - 2017-10-11 10:17 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-09-03 09:30 - 2015-11-11 21:47 - 000000000 ____D C:\Program Files (x86)\Dialog MIS
2018-09-03 09:13 - 2018-07-01 00:15 - 000000000 ____D C:\Users\Markalous\AppData\Local\ElevatedDiagnostics
2018-09-02 22:19 - 2016-01-20 10:27 - 000000000 ____D C:\ProgramData\firebird
2018-09-02 20:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-09-01 22:39 - 2018-05-14 07:35 - 000000000 ____D C:\Users\Markalous\AppData\Roaming\ABarthel
2018-09-01 22:22 - 2015-12-04 09:06 - 000000000 ____D C:\Users\Markalous\AppData\Roaming\uTorrent
2018-09-01 15:49 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-08-31 08:08 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-08-29 22:53 - 2018-04-03 20:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2018-08-27 09:26 - 2018-05-20 13:09 - 000000000 ____D C:\Users\Markalous\AppData\Local\D3DSCache
2018-08-21 12:15 - 2018-06-13 14:07 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-08-21 12:14 - 2018-06-18 13:22 - 000634352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-08-21 12:14 - 2017-12-21 22:33 - 000124216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-08-21 12:14 - 2017-05-23 08:30 - 005947600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-08-21 12:14 - 2017-05-23 08:30 - 002612264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-08-21 12:14 - 2017-05-23 08:30 - 001767632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-08-21 12:14 - 2017-05-23 08:30 - 000450768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-08-16 07:45 - 2016-04-12 13:44 - 000000000 ___RD C:\Users\Markalous\3D Objects
2018-08-16 07:45 - 2015-10-24 21:18 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-08-16 07:42 - 2018-05-20 12:29 - 000453656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-08-16 00:14 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-08-16 00:14 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2018-08-16 00:14 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-08-16 00:14 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-08-16 00:14 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-08-16 00:14 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-08-16 00:14 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-08-16 00:14 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2018-08-16 00:14 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-08-16 00:14 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\en-GB
2018-08-16 00:14 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-08-16 00:14 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-08-16 00:14 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-08-15 14:01 - 2015-11-11 22:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CompuGroup Medical
2018-08-15 12:22 - 2015-07-10 13:04 - 000000252 _____ C:\WINDOWS\win.ini
2018-08-14 20:58 - 2018-05-20 12:59 - 000004656 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-08-14 20:58 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-08-14 20:58 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-08-14 20:15 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-08-13 21:05 - 2015-11-12 14:45 - 000000000 ____D C:\Users\Markalous\Desktop\Domácí video
2018-08-13 20:42 - 2015-11-11 21:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-08-13 13:39 - 2017-04-06 23:20 - 000000000 ___RD C:\Users\Markalous\OneDrive - Základní škola a mateřská škola logopedická, Brno, Veslařská 234
2018-08-13 13:39 - 2015-11-11 20:45 - 000000000 ___RD C:\Users\Markalous\OneDrive
2018-08-08 22:16 - 2016-06-12 20:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-08-08 22:16 - 2015-11-11 21:27 - 000001236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-08-08 20:16 - 2015-11-12 19:20 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
==================== Files in the root of some directories =======
2017-05-22 23:11 - 2018-09-03 22:09 - 001388432 _____ () C:\Users\Public\VOIP.dat
2017-09-17 20:47 - 2017-09-01 16:32 - 000000687 _____ () C:\Users\Markalous\AppData\Roaming\eb9f97a6-d1cb-4c34-a3de-57fdf241b871.index
2015-11-13 14:53 - 2017-11-30 23:58 - 000000000 _____ () C:\Users\Markalous\AppData\Roaming\FileIn.cns
2015-11-13 14:53 - 2017-11-30 23:58 - 000000000 _____ () C:\Users\Markalous\AppData\Roaming\FileOut.cns
2018-05-09 23:06 - 2018-05-16 12:52 - 000000261 _____ () C:\Users\Markalous\AppData\Roaming\OpenSceneryX Installer.plist
2015-11-11 20:41 - 2016-06-26 09:12 - 000000165 _____ () C:\Users\Markalous\AppData\Roaming\sp_data.sys
2017-07-06 19:17 - 2017-07-06 19:17 - 000000000 ___SH () C:\Users\Markalous\AppData\Local\LumaEmu
2018-05-08 20:57 - 2018-05-08 20:57 - 000002053 _____ () C:\Users\Markalous\AppData\Local\recently-used.xbel
2016-04-08 12:29 - 2018-05-19 09:11 - 000007597 _____ () C:\Users\Markalous\AppData\Local\Resmon.ResmonCfg
2018-05-26 21:04 - 2018-05-26 21:04 - 000000054 _____ () C:\Users\Markalous\AppData\Local\X-Plane 11 Preferences.prf
2018-05-09 16:11 - 2018-05-28 21:43 - 000000037 _____ () C:\Users\Markalous\AppData\Local\X-Plane Installer.prf
2018-05-09 19:05 - 2018-05-28 20:42 - 000000075 _____ () C:\Users\Markalous\AppData\Local\X-Plane_drm_11.prf
2018-05-09 13:51 - 2018-05-09 13:51 - 000000016 _____ () C:\Users\Markalous\AppData\Local\x-plane_install_11.txt
2015-11-14 20:30 - 2015-11-14 20:30 - 000000000 _____ () C:\Users\Markalous\AppData\Local\{8E6A0024-B2E2-47BF-9147-A24DC9D2B2F9}
Some files in TEMP:
====================
2018-06-13 08:49 - 2007-04-06 12:23 - 000455600 ____R (Macrovision Corporation) C:\Users\Markalous\AppData\Local\Temp\_isE719.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-05-20 12:29
==================== End of FRST.txt ============================
--------------------------------------------------------
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.09.2018 03
Ran by Markalous (administrator) on MARKALOUSOVO (04-09-2018 07:59:04)
Running from C:\Users\Markalous\Desktop
Loaded Profiles: Markalous & kavokerr_nci_user (Available Profiles: Markalous & kavokerr_nci_user & DefaultAppPool)
Platform: Windows 10 Home Version 1803 17134.228 (X64) Language: Czech (Czech Republic)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(PaloDEx Group Oy) C:\Program Files (x86)\PaloDEx Group\IAM\broker_proxy.exe
(KaVo Kerr.) C:\Program Files (x86)\KaVo Kerr Group\Discovery Service\mDNSResponder.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\PixelMaster Video HDR\DriverMFTService.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\DbxSvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(PaloDEx Group Oy) C:\Program Files (x86)\PaloDEx Group\IAM\gxs-700_service.exe
(PaloDEx Group Oy) C:\Program Files (x86)\PaloDEx Group\IAM\kkg_snapshot_usb.exe
() C:\Program Files (x86)\NetTime\NetTimeService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Monet+, a.s.) C:\Windows\SysWOW64\xmesrv.exe
(Palodex Group Oy) C:\Program Files (x86)\PaloDEx Group\IAM\mDNSDiscovery.exe
(PaloDEx Group Oy) C:\Program Files (x86)\PaloDEx Group\IAM\nci_broker.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(CompuGroup Medical Česká republika s.r.o.) D:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\NisSrv.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-11-13] (ELAN Microelectronics Corp.)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25382344 2016-09-20] (Dropbox, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2007-10-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [131360 2017-09-18] (Intel)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\MountPoints2: {21380089-d60d-11e5-9c1f-4c3488b4c12e} - "F:\AUTORUN.EXE"
HKU\S-1-5-21-1903383002-3755401707-383608710-1002\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
ShellExecuteHooks: No Name - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> No File
Startup: C:\Users\Markalous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk [2016-05-03]
ShortcutTarget: Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 127.0.0.1 secure.prepar3d.com
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{edad486c-8a2c-4582-88c1-d7a57ab2790c}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{edad486c-8a2c-4582-88c1-d7a57ab2790c}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-1903383002-3755401707-383608710-1001 -> DefaultScope {AE14A255-747F-4FF8-BA39-73E5007E2D6F} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-1903383002-3755401707-383608710-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1903383002-3755401707-383608710-1001 -> {AE14A255-747F-4FF8-BA39-73E5007E2D6F} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-05-15] (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-15] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-1903383002-3755401707-383608710-1001 -> hxxp://www.seznam.cz/
Edge Extension: (Translator For Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.44.0_neutral__8wekyb3d8bbwe [not found]
FireFox:
========
FF DefaultProfile: ksm22cvy.default-1492598722798-1528921544729
FF ProfilePath: C:\Users\Markalous\AppData\Roaming\Mozilla\Firefox\Profiles\ksm22cvy.default-1492598722798-1528921544729 [2018-09-04]
FF Homepage: Mozilla\Firefox\Profiles\ksm22cvy.default-1492598722798-1528921544729 -> hxxps://www.seznam.cz/
FF Extension: (Ceska sporitelna Client certificate) - C:\Users\Markalous\AppData\Roaming\Mozilla\Firefox\Profiles\ksm22cvy.default-1492598722798-1528921544729\Extensions\mci_msg_prod@csas.cz.xpi [2018-08-20]
FF Extension: (Google Translator for Firefox) - C:\Users\Markalous\AppData\Roaming\Mozilla\Firefox\Profiles\ksm22cvy.default-1492598722798-1528921544729\Extensions\translator@zoli.bod.xpi [2018-06-13]
FF Extension: (uBlock Origin) - C:\Users\Markalous\AppData\Roaming\Mozilla\Firefox\Profiles\ksm22cvy.default-1492598722798-1528921544729\Extensions\uBlock0@raymondhill.net.xpi [2018-08-27]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2018-07-11] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-08-14] ()
FF Plugin: @cuminas.jp/DjVuPlugin -> C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-15] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-08-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1228198.dll [2017-02-27] (Adobe Systems, Inc.)
FF Plugin-x32: @cuminas.jp/DjVuPlugin -> C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1903383002-3755401707-383608710-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1903383002-3755401707-383608710-1001: @servis24.cz/PKIComponent -> C:\Users\Markalous\AppData\Roaming\CSAS\lib\x86\npPKIComponentNPAPI.dll [2018-04-30] (Česká spořitelna, a.s.)
FF Plugin HKU\S-1-5-21-1903383002-3755401707-383608710-1001: @servis24.cz/PKIComponent-x64 -> C:\Users\Markalous\AppData\Roaming\CSAS\lib\x64\npPKIComponentNPAPI.dll [2016-03-29] (Česká spořitelna, a.s.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default [2018-09-03]
CHR Extension: (Prezentace) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-29]
CHR Extension: (Dokumenty) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-29]
CHR Extension: (Disk Google) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-12]
CHR Extension: (YouTube) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-12]
CHR Extension: (Vyhledávání Google) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-12]
CHR Extension: (Tabulky) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2017-10-29]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-10-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-29]
CHR Extension: (Hola - Unlimited Proxy VPN) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\opalpjjboefohnelaemnhdhlceibbcgl [2016-02-06]
CHR Extension: (Gmail) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-12]
CHR Extension: (Chrome Media Router) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-29]
CHR HKU\S-1-5-21-1903383002-3755401707-383608710-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168 2015-05-31] (ASUS Cloud Corporation) [File not signed]
S4 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [315704 2015-07-20] (ASUS)
S3 cgm.brevir-1; D:\CGMSERVER\bin\brevir-1\cgm.brevir-1.exe [265728 2017-05-15] () [File not signed]
S3 cgm.ebooking-1; D:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe [33888 2017-06-15] (Microsoft) [File not signed]
R2 cgm.ecommunication-1; D:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe [88416 2018-05-21] (CompuGroup Medical Česká republika s.r.o.)
S3 cgm.etrzby-1; D:\CGMSERVER\bin\etrzby-1\cgm.etrzby-1.exe [22112 2017-05-19] (CompuGroup Medical Česká republika s.r.o.) [File not signed]
S3 cgm.servercore; D:\CGMSERVER\bin\core\cgm.servercore.exe [51200 2016-12-15] (CGM) [File not signed]
S3 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-11] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-11] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42792 2016-09-20] (Windows (R) Win 7 DDK provider)
S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] ()
R2 DriverMFTService; C:\Program Files (x86)\Asus\PixelMaster Video HDR\DriverMFTService.exe [20992 2015-05-19] (ASUSTek Computer Inc.) [File not signed]
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [22816 2017-09-18] (Intel)
S4 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36904 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-11-13] (ELAN Microelectronics Corp.)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [4665168 2015-09-24] (SafeNet Inc.)
S3 HCS.MedConnect.Service; D:\CGMSERVER\bin\medical-net\MedConnect\HCS.MedConnect.Service.exe [46080 2016-11-03] (HCS GmbH) [File not signed]
S3 HCS.MEDCONNECT.SERVICEMANAGER; D:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe [91648 2016-11-03] (HCS GmbH) [File not signed]
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515768 2017-03-10] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-22] (Intel Corporation)
R2 kkgbrokerproxy; C:\Program Files (x86)\PaloDEx Group\IAM\broker_proxy.exe [10382648 2017-11-15] (PaloDEx Group Oy)
R2 kkgdevicebroker; C:\Program Files (x86)\PaloDEx Group\IAM\nci_broker.exe [2820920 2017-11-30] (PaloDEx Group Oy)
R2 kkgdiscovery; C:\Program Files (x86)\KaVo Kerr Group\Discovery Service\mDNSResponder.exe [487424 2017-06-29] (KaVo Kerr.) [File not signed]
R2 kkggxs700service; C:\Program Files (x86)\PaloDEx Group\IAM\gxs-700_service.exe [4034360 2017-12-14] (PaloDEx Group Oy)
R2 kkgmdnsdiscovery; C:\Program Files (x86)\PaloDEx Group\IAM\mDNSDiscovery.exe [4938040 2017-12-11] (Palodex Group Oy)
R2 kkgsnapshotservice; C:\Program Files (x86)\Palodex Group\IAM\kkg_snapshot_usb.exe [233280 2018-02-14] (PaloDEx Group Oy)
S3 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (Seiko Epson Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2017-02-13] ()
R2 NetTimeSvc; C:\Program Files (x86)\NetTime\NetTimeService.exe [473088 2012-05-12] () [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1740864 2017-04-26] (O&O Software GmbH)
S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 SAService; C:\Windows\system32\SAsrv.exe [427224 2015-04-17] (Conexant Systems, Inc.)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-07-31] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-07-31] (Microsoft Corporation)
R2 xmengine service; C:\WINDOWS\SysWoW64\xmesrv.exe [34696 2009-10-09] (Monet+, a.s.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3743648 2017-02-13] (Intel® Corporation)
S3 cgm.postgres; D:/CGMSERVER/bin/pgsql/bin/pg_ctl.exe runservice -N "cgm.postgres" -D "D:/CGMSERVER/data/pgsql" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [29696 2016-03-02] (LG Electronics Inc.) [File not signed]
S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [30720 2016-03-02] (LG Electronics Inc.) [File not signed]
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [37376 2016-03-02] (LG Electronics Inc.) [File not signed]
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUS Corporation)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [310728 2016-04-28] ()
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18528 2014-11-18] () [File not signed]
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14944 2014-11-18] () [File not signed]
R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [60968 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [48168 2015-12-10] () [File not signed]
R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [18472 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [192552 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2014-11-18] () [File not signed]
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] () [File not signed]
S3 GemCCID; C:\WINDOWS\System32\drivers\GemCCID.sys [130944 2014-11-10] (Gemalto)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [350552 2015-09-24] (SafeNet Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-04-09] (REALiX(tm))
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [243208 2017-03-10] (Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-26] (Intel Corporation)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [42696 2016-04-28] ()
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
R1 MpKslc60dc389; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{61D0C98E-2A9B-4DB3-A7B9-7F702D299B67}\MpKslc60dc389.sys [58120 2018-09-03] (Microsoft Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2018-04-12] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_05db8c39344e07a5\nvlddmkm.sys [17212744 2018-08-22] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
S3 PcaSp50a64; C:\WINDOWS\System32\Drivers\PcaSp50a64.sys [41280 2018-02-14] (Printing Communications Assoc., Inc. (PCAUSA))
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [758488 2016-06-12] (Realsil Semiconductor Corporation)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42600 2016-05-14] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-11-10] (Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46584 2018-07-31] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [340008 2018-07-31] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-07-31] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-04 07:59 - 2018-09-04 08:00 - 000030688 _____ C:\Users\Markalous\Desktop\FRST.txt
2018-09-04 07:58 - 2018-09-04 07:58 - 002413056 _____ (Farbar) C:\Users\Markalous\Desktop\FRST64.exe
2018-09-04 07:54 - 2018-09-04 07:54 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-09-03 23:37 - 2018-08-21 12:14 - 000083440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-09-03 23:35 - 2018-08-22 18:14 - 001420648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-09-03 23:35 - 2018-08-22 18:14 - 001093640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-09-03 23:35 - 2018-08-22 18:14 - 000628560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-09-03 23:35 - 2018-08-22 18:14 - 000518832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-09-03 23:35 - 2018-08-22 18:13 - 040348400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-09-03 23:35 - 2018-08-22 18:13 - 035251600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-09-03 23:35 - 2018-08-22 18:13 - 004354208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-09-03 23:35 - 2018-08-22 18:13 - 003770072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-09-03 23:35 - 2018-08-22 18:13 - 002016600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439907.dll
2018-09-03 23:35 - 2018-08-22 18:13 - 001564496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-09-03 23:35 - 2018-08-22 18:13 - 001469144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439907.dll
2018-09-03 23:35 - 2018-08-22 18:13 - 001218056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 031252104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 025967968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 017756392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 015170608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 013733544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 011277848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 004858000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 004128112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 001350792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 001160520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 001067288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 000908032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 000817800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-09-03 23:35 - 2018-08-22 18:12 - 000656352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-09-03 23:35 - 2018-08-21 14:16 - 000044335 _____ C:\WINDOWS\system32\nvinfo.pb
2018-09-03 23:20 - 2018-09-03 23:20 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-03 23:20 - 2018-09-03 23:20 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-03 23:19 - 2018-09-03 23:37 - 000000000 ____D C:\WINDOWS\LastGood
2018-09-03 23:19 - 2018-09-03 23:19 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-03 23:19 - 2018-09-03 23:19 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-03 23:19 - 2018-09-03 23:19 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-03 23:19 - 2018-09-03 23:19 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-03 23:19 - 2018-09-03 23:19 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-03 23:19 - 2018-09-03 23:19 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-03 23:19 - 2018-09-03 23:19 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-03 23:19 - 2018-09-03 23:19 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-03 23:19 - 2018-09-03 23:19 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-03 23:18 - 2018-06-08 03:59 - 000069544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2018-09-03 23:18 - 2018-04-24 19:29 - 000065792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2018-09-03 23:14 - 2018-09-03 23:14 - 000314341 _____ C:\Users\Markalous\Desktop\aicullv11.zip
2018-09-03 12:00 - 2018-09-03 12:00 - 000003694 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2018-09-03 12:00 - 2018-09-03 12:00 - 000003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2018-09-01 21:58 - 2018-09-01 22:15 - 000000000 ____D C:\Users\Markalous\Downloads\Navigraph AIRAC 1809
2018-08-23 23:25 - 2018-08-23 23:25 - 323558781 _____ C:\Users\Markalous\Desktop\Brac2018.mp4
2018-08-17 13:18 - 2012-04-19 14:28 - 001169517 _____ C:\Users\Markalous\Desktop\Passing Smoke.mp4
2018-08-15 14:01 - 2018-08-15 14:01 - 000001942 _____ C:\Users\Public\Desktop\PC DENT.lnk
2018-08-15 12:22 - 2018-08-06 17:19 - 000836480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-08-15 12:22 - 2018-08-06 17:19 - 000181120 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-08-15 12:21 - 2018-08-15 12:21 - 000000000 ____D C:\WINDOWS\PCHEALTH
2018-08-15 12:13 - 2018-08-03 10:39 - 021389368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-08-15 12:13 - 2018-08-03 10:22 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-08-15 12:13 - 2018-08-03 10:21 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-08-15 12:13 - 2018-08-03 10:21 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-08-15 12:13 - 2018-08-03 10:20 - 004049408 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-08-15 12:13 - 2018-08-03 10:20 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-08-15 12:13 - 2018-08-03 10:19 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-08-15 12:13 - 2018-08-03 09:43 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-08-15 12:13 - 2018-08-03 09:28 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-08-15 12:13 - 2018-08-03 09:27 - 004050432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2018-08-15 12:13 - 2018-08-03 09:27 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-08-15 12:13 - 2018-08-03 05:47 - 001034624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-08-15 12:13 - 2018-08-03 05:40 - 001221048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-08-15 12:13 - 2018-08-03 05:40 - 001030952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-08-15 12:13 - 2018-08-03 05:39 - 009091480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-08-15 12:13 - 2018-08-03 05:39 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-08-15 12:13 - 2018-08-03 05:39 - 007436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-08-15 12:13 - 2018-08-03 05:39 - 002829216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-08-15 12:13 - 2018-08-03 05:39 - 001457136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-08-15 12:13 - 2018-08-03 05:38 - 002765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-08-15 12:13 - 2018-08-03 05:38 - 001945792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-08-15 12:13 - 2018-08-03 05:38 - 001258288 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-08-15 12:13 - 2018-08-03 05:38 - 001140576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-08-15 12:13 - 2018-08-03 05:38 - 000983016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-08-15 12:13 - 2018-08-03 05:26 - 006043600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-08-15 12:13 - 2018-08-03 05:25 - 006568784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-08-15 12:13 - 2018-08-03 05:25 - 002255008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-08-15 12:13 - 2018-08-03 05:25 - 001622296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-08-15 12:13 - 2018-08-03 05:25 - 000539168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2018-08-15 12:13 - 2018-08-03 05:23 - 025846784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-08-15 12:13 - 2018-08-03 05:18 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-08-15 12:13 - 2018-08-03 05:18 - 022007808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-08-15 12:13 - 2018-08-03 05:17 - 004380160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-08-15 12:13 - 2018-08-03 05:15 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-08-15 12:13 - 2018-08-03 05:14 - 004867584 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-08-15 12:13 - 2018-08-03 05:13 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-08-15 12:13 - 2018-08-03 05:13 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-08-15 12:13 - 2018-08-03 05:13 - 003395072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-08-15 12:13 - 2018-08-03 05:12 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-08-15 12:13 - 2018-08-03 05:12 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-08-15 12:13 - 2018-08-03 05:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-08-15 12:13 - 2018-08-03 05:11 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-08-15 12:13 - 2018-08-03 05:11 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-08-15 12:13 - 2018-08-03 05:11 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-08-15 12:13 - 2018-08-03 05:11 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-08-15 12:13 - 2018-08-03 05:11 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-08-15 12:13 - 2018-08-03 05:11 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-08-15 12:13 - 2018-08-03 05:09 - 005776896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-08-15 12:13 - 2018-08-03 05:09 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-08-15 12:13 - 2018-08-03 05:09 - 001932288 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeangle.dll
2018-08-15 12:13 - 2018-08-03 05:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-08-15 12:13 - 2018-08-03 05:09 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-08-15 12:13 - 2018-08-03 05:09 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-08-15 12:13 - 2018-08-03 05:09 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-08-15 12:13 - 2018-08-03 05:09 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-08-15 12:13 - 2018-08-03 05:08 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-08-15 12:13 - 2018-08-03 05:08 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-08-15 12:13 - 2018-08-03 05:08 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-08-15 12:13 - 2018-08-03 05:08 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-08-15 12:13 - 2018-08-03 05:08 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-08-15 12:13 - 2018-08-03 05:07 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-08-15 12:13 - 2018-08-03 05:06 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-08-15 12:13 - 2018-08-03 05:06 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-08-15 12:13 - 2018-08-03 05:05 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-08-15 12:13 - 2018-08-03 05:05 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-08-15 12:13 - 2018-07-15 02:56 - 001523240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-08-15 12:13 - 2018-07-15 02:44 - 006587392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-08-15 12:13 - 2018-07-15 02:43 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-08-15 12:13 - 2018-07-15 02:42 - 008624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-08-15 12:13 - 2018-07-15 02:42 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-08-15 12:13 - 2018-07-15 02:39 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-08-15 12:13 - 2018-07-15 02:38 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-08-15 12:13 - 2018-07-15 02:38 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-08-15 12:13 - 2018-07-15 01:28 - 001327424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-08-15 12:13 - 2018-07-15 01:18 - 005657600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-08-15 12:13 - 2018-07-15 01:17 - 011901440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-08-15 12:13 - 2018-07-15 01:15 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-08-15 12:13 - 2018-07-14 08:46 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-08-15 12:13 - 2018-07-14 08:42 - 019525632 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-08-15 12:13 - 2018-07-14 06:23 - 000760888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-08-15 12:13 - 2018-07-14 06:22 - 006813744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-08-15 12:13 - 2018-07-14 06:22 - 001144664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-08-15 12:13 - 2018-07-14 06:22 - 000510392 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-08-15 12:13 - 2018-07-14 06:19 - 002535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-08-15 12:13 - 2018-07-14 06:19 - 001946752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-08-15 12:13 - 2018-07-14 06:19 - 000981920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-08-15 12:13 - 2018-07-14 06:19 - 000483024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-08-15 12:13 - 2018-07-14 06:18 - 002563984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-08-15 12:13 - 2018-07-14 06:18 - 002371416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-08-15 12:13 - 2018-07-14 06:18 - 001017584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-08-15 12:13 - 2018-07-14 06:18 - 000930712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-08-15 12:13 - 2018-07-14 06:18 - 000613176 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-08-15 12:13 - 2018-07-14 06:17 - 006527056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-08-15 12:13 - 2018-07-14 06:17 - 002420632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-08-15 12:13 - 2018-07-14 06:17 - 000743320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-08-15 12:13 - 2018-07-14 06:16 - 002331576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-08-15 12:13 - 2018-07-14 06:16 - 001143096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-08-15 12:13 - 2018-07-14 06:16 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2018-08-15 12:13 - 2018-07-14 06:15 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-08-15 12:13 - 2018-07-14 06:15 - 001174552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-08-15 12:13 - 2018-07-14 06:01 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-08-15 12:13 - 2018-07-14 05:59 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-08-15 12:13 - 2018-07-14 05:59 - 005883392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-08-15 12:13 - 2018-07-14 05:59 - 003553280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-08-15 12:13 - 2018-07-14 05:57 - 007057920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-08-15 12:13 - 2018-07-14 05:57 - 004331008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-08-15 12:13 - 2018-07-14 05:56 - 004559872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-08-15 12:13 - 2018-07-14 05:56 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-08-15 12:13 - 2018-07-14 05:56 - 002697216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Controls.dll
2018-08-15 12:13 - 2018-07-14 05:56 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-08-15 12:13 - 2018-07-14 05:55 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-08-15 12:13 - 2018-07-14 05:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2018-08-15 12:13 - 2018-07-14 05:54 - 003319808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-08-15 12:13 - 2018-07-14 05:54 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-08-15 12:13 - 2018-07-14 05:54 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-08-15 12:13 - 2018-07-14 05:54 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-08-15 12:13 - 2018-07-14 05:54 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-08-15 12:13 - 2018-07-14 05:53 - 004770816 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-08-15 12:13 - 2018-07-14 05:53 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-08-15 12:13 - 2018-07-14 05:53 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-08-15 12:13 - 2018-07-14 05:53 - 001825792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-08-15 12:13 - 2018-07-14 05:53 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2018-08-15 12:13 - 2018-07-14 05:53 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-08-15 12:13 - 2018-07-14 05:53 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
2018-08-15 12:13 - 2018-07-14 05:53 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-08-15 12:13 - 2018-07-14 05:52 - 000790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2018-08-15 12:13 - 2018-07-14 05:52 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-08-15 12:13 - 2018-07-14 05:51 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2018-08-15 12:13 - 2018-07-14 05:51 - 002904576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-08-15 12:13 - 2018-07-14 05:51 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-08-15 12:13 - 2018-07-14 05:51 - 001304064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-08-15 12:13 - 2018-07-14 05:50 - 001773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2018-08-15 12:13 - 2018-07-14 05:50 - 001457664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-08-15 12:13 - 2018-07-14 05:50 - 001359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2018-08-15 12:13 - 2018-07-14 05:50 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-08-15 12:13 - 2018-07-14 05:50 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-08-15 12:13 - 2018-07-14 05:50 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-08-15 12:13 - 2018-07-14 05:50 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-08-15 12:13 - 2018-07-14 05:49 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-08-15 12:12 - 2018-08-03 10:39 - 000790304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-08-15 12:12 - 2018-08-03 10:25 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-08-15 12:12 - 2018-08-03 10:25 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-08-15 12:12 - 2018-08-03 10:24 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2018-08-15 12:12 - 2018-08-03 10:24 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2018-08-15 12:12 - 2018-08-03 10:24 - 000046592 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-08-15 12:12 - 2018-08-03 10:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-08-15 12:12 - 2018-08-03 10:21 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-08-15 12:12 - 2018-08-03 10:20 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2018-08-15 12:12 - 2018-08-03 09:45 - 000663128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-08-15 12:12 - 2018-08-03 09:33 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-08-15 12:12 - 2018-08-03 09:33 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-08-15 12:12 - 2018-08-03 09:32 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2018-08-15 12:12 - 2018-08-03 09:30 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2018-08-15 12:12 - 2018-08-03 09:29 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-08-15 12:12 - 2018-08-03 09:29 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-08-15 12:12 - 2018-08-03 07:41 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-08-15 12:12 - 2018-08-03 06:49 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-08-15 12:12 - 2018-08-03 05:47 - 000128920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2018-08-15 12:12 - 2018-08-03 05:46 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-08-15 12:12 - 2018-08-03 05:46 - 000269248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-08-15 12:12 - 2018-08-03 05:41 - 000568600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-08-15 12:12 - 2018-08-03 05:41 - 000077608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-08-15 12:12 - 2018-08-03 05:41 - 000061736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2018-08-15 12:12 - 2018-08-03 05:40 - 001064744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-08-15 12:12 - 2018-08-03 05:40 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-08-15 12:12 - 2018-08-03 05:40 - 000228136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ucx01000.sys
2018-08-15 12:12 - 2018-08-03 05:40 - 000136488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-08-15 12:12 - 2018-08-03 05:40 - 000072800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-08-15 12:12 - 2018-08-03 05:39 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-08-15 12:12 - 2018-08-03 05:39 - 000692240 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2018-08-15 12:12 - 2018-08-03 05:39 - 000170936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-08-15 12:12 - 2018-08-03 05:39 - 000114080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-08-15 12:12 - 2018-08-03 05:39 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2018-08-15 12:12 - 2018-08-03 05:39 - 000031648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2018-08-15 12:12 - 2018-08-03 05:38 - 001285536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-08-15 12:12 - 2018-08-03 05:38 - 001097648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-08-15 12:12 - 2018-08-03 05:38 - 000885856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-08-15 12:12 - 2018-08-03 05:38 - 000713368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-08-15 12:12 - 2018-08-03 05:38 - 000604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-08-15 12:12 - 2018-08-03 05:38 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-08-15 12:12 - 2018-08-03 05:38 - 000115640 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2018-08-15 12:12 - 2018-08-03 05:27 - 000061032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-08-15 12:12 - 2018-08-03 05:25 - 001131064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-08-15 12:12 - 2018-08-03 05:25 - 000583120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-08-15 12:12 - 2018-08-03 05:25 - 000568568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-08-15 12:12 - 2018-08-03 05:17 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgid.sys
2018-08-15 12:12 - 2018-08-03 05:16 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-08-15 12:12 - 2018-08-03 05:16 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2018-08-15 12:12 - 2018-08-03 05:15 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2018-08-15 12:12 - 2018-08-03 05:14 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2018-08-15 12:12 - 2018-08-03 05:14 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-08-15 12:12 - 2018-08-03 05:14 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2018-08-15 12:12 - 2018-08-03 05:13 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-08-15 12:12 - 2018-08-03 05:13 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-08-15 12:12 - 2018-08-03 05:12 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2018-08-15 12:12 - 2018-08-03 05:12 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-08-15 12:12 - 2018-08-03 05:12 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-08-15 12:12 - 2018-08-03 05:11 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-08-15 12:12 - 2018-08-03 05:11 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-08-15 12:12 - 2018-08-03 05:10 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-08-15 12:12 - 2018-08-03 05:10 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2018-08-15 12:12 - 2018-08-03 05:09 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-08-15 12:12 - 2018-08-03 05:08 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-08-15 12:12 - 2018-08-03 05:08 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2018-08-15 12:12 - 2018-08-03 05:08 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-08-15 12:12 - 2018-08-03 05:08 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-08-15 12:12 - 2018-08-03 05:08 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-08-15 12:12 - 2018-08-03 05:08 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-08-15 12:12 - 2018-08-03 05:07 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-08-15 12:12 - 2018-08-03 05:07 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-08-15 12:12 - 2018-08-03 05:07 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-08-15 12:12 - 2018-08-03 05:06 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-08-15 12:12 - 2018-08-03 05:06 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-08-15 12:12 - 2018-08-03 05:06 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-08-15 12:12 - 2018-08-03 05:06 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-08-15 12:12 - 2018-08-03 05:05 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-08-15 12:12 - 2018-08-03 05:04 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-08-15 12:12 - 2018-08-03 03:54 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-08-15 12:12 - 2018-07-15 02:58 - 000094112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-08-15 12:12 - 2018-07-15 02:44 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-08-15 12:12 - 2018-07-15 02:41 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-08-15 12:12 - 2018-07-15 02:41 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2018-08-15 12:12 - 2018-07-15 02:39 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-08-15 12:12 - 2018-07-15 02:38 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-08-15 12:12 - 2018-07-15 02:38 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-08-15 12:12 - 2018-07-15 02:36 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-08-15 12:12 - 2018-07-15 01:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2018-08-15 12:12 - 2018-07-15 01:13 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-08-15 12:12 - 2018-07-15 01:13 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-08-15 12:12 - 2018-07-15 01:13 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-08-15 12:12 - 2018-07-15 01:13 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-08-15 12:12 - 2018-07-15 01:11 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-08-15 12:12 - 2018-07-14 06:37 - 000375712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-08-15 12:12 - 2018-07-14 06:37 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-08-15 12:12 - 2018-07-14 06:22 - 000203560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2018-08-15 12:12 - 2018-07-14 06:21 - 000722824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-08-15 12:12 - 2018-07-14 06:21 - 000192920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2018-08-15 12:12 - 2018-07-14 06:20 - 000184472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2018-08-15 12:12 - 2018-07-14 06:19 - 000636944 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-08-15 12:12 - 2018-07-14 06:18 - 000443216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-08-15 12:12 - 2018-07-14 06:18 - 000376216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2018-08-15 12:12 - 2018-07-14 06:15 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-08-15 12:12 - 2018-07-14 05:58 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2018-08-15 12:12 - 2018-07-14 05:58 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-08-15 12:12 - 2018-07-14 05:58 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-08-15 12:12 - 2018-07-14 05:57 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-08-15 12:12 - 2018-07-14 05:57 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-08-15 12:12 - 2018-07-14 05:56 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-08-15 12:12 - 2018-07-14 05:56 - 001703936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Controls.dll
2018-08-15 12:12 - 2018-07-14 05:56 - 001558016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-08-15 12:12 - 2018-07-14 05:56 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-08-15 12:12 - 2018-07-14 05:56 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2018-08-15 12:12 - 2018-07-14 05:56 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2018-08-15 12:12 - 2018-07-14 05:56 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2018-08-15 12:12 - 2018-07-14 05:56 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll
2018-08-15 12:12 - 2018-07-14 05:55 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2018-08-15 12:12 - 2018-07-14 05:55 - 000993792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-08-15 12:12 - 2018-07-14 05:55 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-08-15 12:12 - 2018-07-14 05:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-08-15 12:12 - 2018-07-14 05:55 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2018-08-15 12:12 - 2018-07-14 05:55 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2018-08-15 12:12 - 2018-07-14 05:55 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2018-08-15 12:12 - 2018-07-14 05:55 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-08-15 12:12 - 2018-07-14 05:55 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-08-15 12:12 - 2018-07-14 05:55 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2018-08-15 12:12 - 2018-07-14 05:55 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-08-15 12:12 - 2018-07-14 05:55 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-08-15 12:12 - 2018-07-14 05:55 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2018-08-15 12:12 - 2018-07-14 05:55 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-08-15 12:12 - 2018-07-14 05:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2018-08-15 12:12 - 2018-07-14 05:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-08-15 12:12 - 2018-07-14 05:54 - 001537024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2018-08-15 12:12 - 2018-07-14 05:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-08-15 12:12 - 2018-07-14 05:54 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2018-08-15 12:12 - 2018-07-14 05:54 - 000603648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2018-08-15 12:12 - 2018-07-14 05:54 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-08-15 12:12 - 2018-07-14 05:54 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-08-15 12:12 - 2018-07-14 05:54 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2018-08-15 12:12 - 2018-07-14 05:54 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2018-08-15 12:12 - 2018-07-14 05:54 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2018-08-15 12:12 - 2018-07-14 05:54 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2018-08-15 12:12 - 2018-07-14 05:54 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2018-08-15 12:12 - 2018-07-14 05:54 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\EasPolicyManagerBrokerPS.dll
2018-08-15 12:12 - 2018-07-14 05:53 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-08-15 12:12 - 2018-07-14 05:53 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-08-15 12:12 - 2018-07-14 05:53 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-08-15 12:12 - 2018-07-14 05:53 - 000220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-08-15 12:12 - 2018-07-14 05:52 - 000972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-08-15 12:12 - 2018-07-14 05:52 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-08-15 12:12 - 2018-07-14 05:52 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2018-08-15 12:12 - 2018-07-14 05:51 - 001747968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-08-15 12:12 - 2018-07-14 05:51 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2018-08-15 12:12 - 2018-07-14 05:51 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-08-15 12:12 - 2018-07-14 05:50 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-08-15 12:12 - 2018-07-14 05:50 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-08-15 12:12 - 2018-07-14 05:50 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-08-15 12:12 - 2018-07-14 05:49 - 001069568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-08-15 12:12 - 2018-07-13 06:30 - 002718624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-08-13 13:39 - 2018-08-13 13:39 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1903383002-3755401707-383608710-1001
2018-08-13 13:39 - 2018-08-13 13:39 - 000002421 _____ C:\Users\Markalous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-04 07:59 - 2017-03-15 23:34 - 000000000 ____D C:\FRST
2018-09-04 07:57 - 2016-11-16 14:00 - 000000000 ____D C:\Users\Markalous\AppData\LocalLow\Mozilla
2018-09-04 07:56 - 2017-05-23 08:30 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-04 07:55 - 2017-08-09 17:29 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2018-09-04 07:54 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-09-04 07:54 - 2015-11-11 20:41 - 000000000 __SHD C:\Users\Markalous\IntelGraphicsProfiles
2018-09-03 23:38 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-09-03 23:38 - 2016-03-21 10:00 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-09-03 23:37 - 2017-05-23 08:30 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-09-03 23:37 - 2015-11-14 10:30 - 000000000 ____D C:\Users\Markalous\AppData\Roaming\NVIDIA
2018-09-03 23:22 - 2018-05-20 12:35 - 001955780 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-09-03 23:22 - 2018-04-12 17:50 - 000809390 _____ C:\WINDOWS\system32\perfh005.dat
2018-09-03 23:22 - 2018-04-12 17:50 - 000186598 _____ C:\WINDOWS\system32\perfc005.dat
2018-09-03 23:20 - 2017-05-23 08:30 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-09-03 23:20 - 2017-05-23 08:30 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-09-03 23:20 - 2017-05-05 07:56 - 000001477 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-09-03 22:44 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-09-03 22:29 - 2018-05-20 12:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-09-03 22:09 - 2017-05-22 23:11 - 001388432 _____ C:\Users\Public\VOIP.dat
2018-09-03 22:02 - 2015-10-24 22:06 - 000000000 ____D C:\ProgramData\Temp
2018-09-03 21:58 - 2018-05-28 23:38 - 000000000 ____D C:\Users\Markalous\Documents\Flight Simulator X Files
2018-09-03 21:36 - 2018-02-09 11:04 - 000000000 ____D C:\ProgramData\PaloDEx Group
2018-09-03 21:03 - 2015-11-13 01:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-09-03 20:54 - 2015-11-13 01:28 - 137343192 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-09-03 20:43 - 2018-05-20 12:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-09-03 20:42 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-09-03 20:40 - 2016-02-05 20:16 - 000000000 ____D C:\AdwCleaner
2018-09-03 20:39 - 2015-11-12 01:15 - 000000000 ____D C:\Users\Markalous\Desktop\Údržba
2018-09-03 12:35 - 2018-02-14 15:44 - 000000000 ____D C:\VXIMAGES
2018-09-03 12:34 - 2018-02-14 15:07 - 000000000 ____D C:\VixTemp
2018-09-03 12:33 - 2016-02-14 12:50 - 000000000 ____D C:\Users\Markalous\Desktop\OPG
2018-09-03 10:05 - 2016-02-05 12:18 - 000000000 ____D C:\Program Files\trend micro
2018-09-03 10:00 - 2017-10-05 17:38 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2018-09-03 09:51 - 2017-10-11 10:17 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-09-03 09:30 - 2015-11-11 21:47 - 000000000 ____D C:\Program Files (x86)\Dialog MIS
2018-09-03 09:13 - 2018-07-01 00:15 - 000000000 ____D C:\Users\Markalous\AppData\Local\ElevatedDiagnostics
2018-09-02 22:19 - 2016-01-20 10:27 - 000000000 ____D C:\ProgramData\firebird
2018-09-02 20:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-09-01 22:39 - 2018-05-14 07:35 - 000000000 ____D C:\Users\Markalous\AppData\Roaming\ABarthel
2018-09-01 22:22 - 2015-12-04 09:06 - 000000000 ____D C:\Users\Markalous\AppData\Roaming\uTorrent
2018-09-01 15:49 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-08-31 08:08 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-08-29 22:53 - 2018-04-03 20:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2018-08-27 09:26 - 2018-05-20 13:09 - 000000000 ____D C:\Users\Markalous\AppData\Local\D3DSCache
2018-08-21 12:15 - 2018-06-13 14:07 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-08-21 12:14 - 2018-06-18 13:22 - 000634352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-08-21 12:14 - 2017-12-21 22:33 - 000124216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-08-21 12:14 - 2017-05-23 08:30 - 005947600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-08-21 12:14 - 2017-05-23 08:30 - 002612264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-08-21 12:14 - 2017-05-23 08:30 - 001767632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-08-21 12:14 - 2017-05-23 08:30 - 000450768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-08-16 07:45 - 2016-04-12 13:44 - 000000000 ___RD C:\Users\Markalous\3D Objects
2018-08-16 07:45 - 2015-10-24 21:18 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-08-16 07:42 - 2018-05-20 12:29 - 000453656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-08-16 00:14 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-08-16 00:14 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-08-16 00:14 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2018-08-16 00:14 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-08-16 00:14 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-08-16 00:14 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-08-16 00:14 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-08-16 00:14 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-08-16 00:14 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2018-08-16 00:14 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-08-16 00:14 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\en-GB
2018-08-16 00:14 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-08-16 00:14 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-08-16 00:14 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-08-15 14:01 - 2015-11-11 22:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CompuGroup Medical
2018-08-15 12:22 - 2015-07-10 13:04 - 000000252 _____ C:\WINDOWS\win.ini
2018-08-14 20:58 - 2018-05-20 12:59 - 000004656 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-08-14 20:58 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-08-14 20:58 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-08-14 20:15 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-08-13 21:05 - 2015-11-12 14:45 - 000000000 ____D C:\Users\Markalous\Desktop\Domácí video
2018-08-13 20:42 - 2015-11-11 21:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-08-13 13:39 - 2017-04-06 23:20 - 000000000 ___RD C:\Users\Markalous\OneDrive - Základní škola a mateřská škola logopedická, Brno, Veslařská 234
2018-08-13 13:39 - 2015-11-11 20:45 - 000000000 ___RD C:\Users\Markalous\OneDrive
2018-08-08 22:16 - 2016-06-12 20:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-08-08 22:16 - 2015-11-11 21:27 - 000001236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-08-08 20:16 - 2015-11-12 19:20 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
==================== Files in the root of some directories =======
2017-05-22 23:11 - 2018-09-03 22:09 - 001388432 _____ () C:\Users\Public\VOIP.dat
2017-09-17 20:47 - 2017-09-01 16:32 - 000000687 _____ () C:\Users\Markalous\AppData\Roaming\eb9f97a6-d1cb-4c34-a3de-57fdf241b871.index
2015-11-13 14:53 - 2017-11-30 23:58 - 000000000 _____ () C:\Users\Markalous\AppData\Roaming\FileIn.cns
2015-11-13 14:53 - 2017-11-30 23:58 - 000000000 _____ () C:\Users\Markalous\AppData\Roaming\FileOut.cns
2018-05-09 23:06 - 2018-05-16 12:52 - 000000261 _____ () C:\Users\Markalous\AppData\Roaming\OpenSceneryX Installer.plist
2015-11-11 20:41 - 2016-06-26 09:12 - 000000165 _____ () C:\Users\Markalous\AppData\Roaming\sp_data.sys
2017-07-06 19:17 - 2017-07-06 19:17 - 000000000 ___SH () C:\Users\Markalous\AppData\Local\LumaEmu
2018-05-08 20:57 - 2018-05-08 20:57 - 000002053 _____ () C:\Users\Markalous\AppData\Local\recently-used.xbel
2016-04-08 12:29 - 2018-05-19 09:11 - 000007597 _____ () C:\Users\Markalous\AppData\Local\Resmon.ResmonCfg
2018-05-26 21:04 - 2018-05-26 21:04 - 000000054 _____ () C:\Users\Markalous\AppData\Local\X-Plane 11 Preferences.prf
2018-05-09 16:11 - 2018-05-28 21:43 - 000000037 _____ () C:\Users\Markalous\AppData\Local\X-Plane Installer.prf
2018-05-09 19:05 - 2018-05-28 20:42 - 000000075 _____ () C:\Users\Markalous\AppData\Local\X-Plane_drm_11.prf
2018-05-09 13:51 - 2018-05-09 13:51 - 000000016 _____ () C:\Users\Markalous\AppData\Local\x-plane_install_11.txt
2015-11-14 20:30 - 2015-11-14 20:30 - 000000000 _____ () C:\Users\Markalous\AppData\Local\{8E6A0024-B2E2-47BF-9147-A24DC9D2B2F9}
Some files in TEMP:
====================
2018-06-13 08:49 - 2007-04-06 12:23 - 000455600 ____R (Macrovision Corporation) C:\Users\Markalous\AppData\Local\Temp\_isE719.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-05-20 12:29
==================== End of FRST.txt ============================
Re: prevence po dlouhe dobe
log addition.txt:
-------------------------------------------
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.09.2018 03
Ran by Markalous (04-09-2018 08:01:09)
Running from C:\Users\Markalous\Desktop
Windows 10 Home Version 1803 17134.228 (X64) (2018-05-20 11:01:16)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1903383002-3755401707-383608710-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1903383002-3755401707-383608710-503 - Limited - Disabled)
Guest (S-1-5-21-1903383002-3755401707-383608710-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1903383002-3755401707-383608710-1004 - Limited - Enabled)
kavokerr_nci_user (S-1-5-21-1903383002-3755401707-383608710-1002 - Limited - Enabled) => C:\Users\kavokerr_nci_user
Markalous (S-1-5-21-1903383002-3755401707-383608710-1001 - Administrator - Enabled) => C:\Users\Markalous
WDAGUtilityAccount (S-1-5-21-1903383002-3755401707-383608710-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . (HKLM\...\{8FD6FE5A-E1E1-47F3-BBE6-FE2B1364DCB8}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{2394186A-5445-4293-B739-352009350342}) (Version: 3.0.0.9 - Intel) Hidden
µTorrent (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
Acoustica CD/DVD Label Maker (HKLM-x32\...\Acoustica CD/DVD Label Maker) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Reader 8.1.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A81100000003}) (Version: 8.1.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.8.198 - Adobe Systems, Inc.)
Aerosoft's - Airbus A320-A321 - FSX (HKLM-x32\...\Airbus A320-A321 - FSX) (Version: 1.30 - Aerosoft)
aerosoft's - Approaching Innsbruck X (HKLM-x32\...\{70864384-DD19-44CB-A999-A917F32F623D}) (Version: 1.20 - aerosoft)
Aerosoft's - Bergen X - FSX (HKLM-x32\...\Bergen X - FSX) (Version: 1.04 - Aerosoft)
Aerosoft's - German Airports 1 - Stuttgart - FSX (HKLM-x32\...\German Airports 1 - Stuttgart - FSX) (Version: 2.00 - Aerosoft)
aerosoft's - German Airports 2 - 2012 (FSX) (HKLM-x32\...\{01C3630A-7FD2-46DF-B514-A4B829B0021A}) (Version: 1.01 - aerosoft)
aerosoft's - German Airports 3 - 2012 (FSX) (HKLM-x32\...\{857D0DD6-42D4-4BD7-B299-EA70A064302D}) (Version: 1.04 - aerosoft)
Aerosoft's - Luxembourg Airports (HKLM-x32\...\{F293A032-EB67-4ADC-8646-F1AA7F9E0143}) (Version: 3.20 - Aerosoft)
aerosoft's - Mega Airport Amsterdam FSX (HKLM-x32\...\{0A297C87-BF52-43FD-AD75-EE72228E4457}) (Version: 1.04 - aerosoft)
Aerosoft's - Mega Airport Brussels X (HKLM-x32\...\{CB858C75-8537-4B71-9080-2A4F7D51F128}) (Version: 1.01 - Aerosoft)
Aerosoft's - Mega Airport Budapest (HKLM-x32\...\{AD6C554F-5050-40B1-B84D-51D74A09C7E4}) (Version: 2.00 - Aerosoft)
Aerosoft's - Mega Airport Frankfurt 2.0 - FSX (HKLM-x32\...\Mega Airport Frankfurt 2.0 - FSX) (Version: 2.10 - Aerosoft)
Aerosoft's - Mega Airport Helsinki - FSX (HKLM-x32\...\Mega Airport Helsinki - FSX) (Version: 1.20 - Aerosoft)
Aerosoft's - Mega Airport Lisbon V2.0 - FSX (HKLM-x32\...\Mega Airport Lisbon V2.0 - FSX) (Version: 2.01 - Aerosoft)
aerosoft's - Mega Airport Madrid Barajas (HKLM-x32\...\{8233F99B-C4C2-44E9-8486-374E9B300BF2}) (Version: 1.02 - aerosoft)
Aerosoft's - Mega Airport Oslo 2.0 - FSX (HKLM-x32\...\Mega Airport Oslo 2.0 - FSX) (Version: 1.07 - Aerosoft)
Aerosoft's - Mega Airport Prag - FSX (HKLM-x32\...\Mega Airport Prag - FSX) (Version: 1.05 - Aerosoft)
Aerosoft's - Mega Airport Rome - FSX (HKLM-x32\...\Mega Airport Rome - FSX) (Version: 1.02 - Aerosoft)
Aerosoft's - Mega Airport Zurich V2.0 - FSX (HKLM-x32\...\Mega Airport Zurich V2.0 - FSX) (Version: 1.04 - Aerosoft)
Aerosoft's - Milan Malpensa X - FSX (HKLM-x32\...\Milan Malpensa X - FSX) (Version: 1.14 - Aerosoft)
Aerosoft's - Napoli X - FSX (HKLM-x32\...\Napoli X - FSX) (Version: 1.00 - Aerosoft)
aerosoft's - Venice X (HKLM-x32\...\{74F493A2-1264-4BF2-A135-0184C68BD580}) (Version: 1.00 - aerosoft)
Aerosoft's - VFR Germany 3 (HKLM-x32\...\{61C6337D-EDF5-43F0-9E50-541A389070BD}) (Version: 1.00 - Aerosoft)
Afl0Sim Henri Coanda Airport version 2.4 (HKLM-x32\...\{DA8D38A8-6ECF-4B45-88CC-0A1F00151376}_is1) (Version: 2.4 - Afl0Sim)
AFX Professional License (HKLM-x32\...\afxpro) (Version: - )
Age of Empires II HD (c) Microsoft Studios version 1 (HKLM-x32\...\QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1) (Version: 1 - )
Age of Empires II: HD Edition - Slovenčina (HKLM-x32\...\{9E8F3F5F-6067-4578-B2A8-97DD49B918AB}_is1) (Version: 5.7.0 - Miro "Valec" Valko)
AivlaSoft EFB (HKLM-x32\...\AivlaSoft EFB) (Version: 1.6.8 - AivlaSoft )
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.4.0 - ASUSTeK COMPUTER INC.)
ASUS GIFTBOX Desktop (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 1.1.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.18 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.11.0001 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.30 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0039 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.91 - ICEpower a/s)
AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.6 - GPL Public release.)
Backup and Sync from Google (HKLM\...\{AEFBDB5B-899F-4AE6-B789-BA56A652A476}) (Version: 3.42.9858.3671 - Google, Inc.)
BCC 7 OFX 64Bit (HKLM\...\{05D8FAA8-958E-4E47-96DA-F1E043EB01E5}) (Version: 7.0.4 - Boris FX, Inc.)
Boris Continuum Complete 9 OFX for Sony (64-Bit) (HKLM\...\{3DF67BF0-17E8-4537-951C-758102AB87F7}) (Version: 9.0.2005 - Boris FX, Inc.)
Boris FX 10 (64 Bit) (HKLM\...\{BAF3FFCF-4BFC-42C9-A5F3-EF5F55615C29}) (Version: 10.0.1 - Boris FX, Inc.)
Canon MP500 (HKLM\...\{BA4DF4C3-196E-4128-969A-00996B5A46F8}) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
ČD Bee 509 (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\ČD Bee 509) (Version: - )
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6140 - CDBurnerXP)
CLINIVIEW Server Discovery (HKLM-x32\...\{F9316000-808E-453D-8DDF-BE19BE849C7E}) (Version: 1.0.0.3 - Instrumentarium Dental) Hidden
CLINIVIEW Server Discovery (HKLM-x32\...\InstallShield_{F9316000-808E-453D-8DDF-BE19BE849C7E}) (Version: 1.0.0.3 - Instrumentarium Dental)
CodeSite Tools 5.1.4 (HKLM-x32\...\CodeSite Tools 5.1.4) (Version: 5.0 - Raize Software, Inc.)
CompuGroup Medical - (PC DOKTOR / PC DENT) (HKLM-x32\...\{81F07A4F-A47E-4E0F-A75D-D24BD09BB2D8}) (Version: 3.8.1.9893 - CompuGroup Medical Česká republika s.r.o.)
CompuGroup Medical - Brevíř (HKLM-x32\...\{2ED5E236-8C33-44A9-8A5E-64780464A80E}) (Version: 1.0.42.142 - CGM)
CompuGroup Medical - CGM SERVER (HKLM-x32\...\{8FE2C676-72E8-4024-9066-710FE32112E8}) (Version: 1.0.0.685 - CompuGroup Medical Česká republika s.r.o.)
CompuGroup Medical - Ecommunication (HKLM-x32\...\{3850A53F-8A0E-45E1-9F11-D801237D3694}) (Version: 1.4.183.215 - CompuGroup Medical Česká republika s.r.o.)
CompuGroup Medical - eTržby (HKLM-x32\...\{078BC37F-7DBE-49D6-BF20-1516FEEFBDAD}) (Version: 1.1.60.65 - CompuGroup Medical Česká republika s.r.o.)
CompuGroup Medical - Kniha objednávek (HKLM-x32\...\{CF314AF7-682B-4C77-B164-6FB0080D2726}) (Version: 1.1.1324.990 - CompuGroup Medical Česká republika s.r.o.)
CompuGroup Medical - MEDICAL NET (HKLM-x32\...\{0726B7A2-A8F4-4BE1-A086-A93E9A5BA5BC}) (Version: 4.8.0.346 - CompuGroup Medical Česká republika s.r.o.)
ConBuilder (HKLM-x32\...\ConBuilder) (Version: 2.03.0002 - WeiRuan)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.52 - Conexant)
CPUID HWMonitor 1.35 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.35 - CPUID, Inc.)
CryptoPlus CS v1.0e (HKLM-x32\...\CryptoPlus CS v1.0e) (Version: 2.0.9 - Monet+,a.s.)
CryptoPlus CS v1.0e x64 (HKLM\...\CryptoPlus CS v1.0e) (Version: 2.0.9 - Monet+,a.s.)
Cue Club 2 (HKLM-x32\...\{098DBB93-C612-41A1-9354-8AFE9A411E92}_is1) (Version: 1.0 - Bulldog Interactive)
CueClub (HKLM-x32\...\{AF6ECA04-F2CC-11D3-9D68-0020781864F1}) (Version: - )
CyberLink PhotoDirector 5 (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)
Digital Design Salzburg (HKLM-x32\...\DIGITALDESIGN-ZALZBURG-5AA2B000-276D-409B-B8E2-0~36C3D109_is1) (Version: 1.0.0.0 - SimMarket)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 399.07 - NVIDIA Corporation) Hidden
Document Express DjVu Plug-in (HKLM\...\{3677A6FF-9C6F-48B7-B0DC-E958C2FE4FFF}) (Version: 6.1.35472 - Cuminas Corporation)
Dropbox (HKLM-x32\...\Dropbox) (Version: 10.4.26 - Dropbox, Inc.)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.27.37 - Dropbox, Inc.) Hidden
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
EaseUS Partition Master 10.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
EaseUS Todo Backup Free 9.0 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 9.0 - CHENGDU YIWO Tech Development Co., Ltd)
Easy Photo Scan (HKLM-x32\...\{93AEF2AF-86FB-42AD-8392-5DAEC0638B1A}) (Version: 1.00.0012 - Seiko Epson Corporation)
E-Jets v2 World Airliners 1 (v1.0b021) (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\E-Jets v2 World Airliners 1 (v1.0b021)) (Version: - )
E-Jets v2 World Airliners 2 (v1.1b024) (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\E-Jets v2 World Airliners 2 (v1.1b024)) (Version: - )
EKCH Copenhagen Airport, Kastrup X (HKLM-x32\...\{9D5BFBF1-EB38-4AE1-A833-4F564B999CE3}) (Version: 2.0 - Scansim)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Epson Easy Photo Print 2 (HKLM-x32\...\{F05A434E-D3CF-4B44-9D3E-779D42090781}) (Version: 2.8.0.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON Manuals (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.54.0.0 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{60A3CB9F-4429-4C7A-AA97-77CC4FE10671}) (Version: 4.4.9 - Seiko Epson Corporation)
EPSON XP-530 Series Printer Uninstall (HKLM\...\EPSON XP-530 Series) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Explorer Suite IV (HKLM\...\Explorer Suite_is1) (Version: - )
FeelThere E-Jets v.2 (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\FeelThere E-Jets v.2) (Version: - )
Flight One Software - T182T Skylane TC FSX (HKLM-x32\...\F1T182T) (Version: 1.5 - Flight One Software)
Flight Simulator X (HKLM-x32\...\RTMshadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: - )
Flight1 Citation Mustang (HKLM-x32\...\f1mustang_FSX) (Version: 1.08a - Flight One Software)
Flight1 King Air B200 for FSX (HKLM-x32\...\Flight1 King Air B200 for FSX1.3) (Version: 1.3 - Flight One Software)
FS ETR Pack (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\FS ETR Pack) (Version: - )
FS Water Configurator 3.15 (HKLM\...\FS Water Configurator) (Version: - )
FS2Crew: Aerosoft Airbus X Voice Control (HKLM-x32\...\FS2Crew: Aerosoft Airbus X Voice Control) (Version: - )
FS2Crew: Majestic Dash 8 Q400 Special Bundle Pack (HKLM-x32\...\FS2Crew: Majestic Dash 8 Q400 Special Bundle Pack) (Version: - )
FS2Crew: PMDG 737 NGX Reboot Edition (HKLM-x32\...\FS2Crew: PMDG 737 NGX Reboot Edition) (Version: - )
FS2Crew: PMDG 777 (HKLM-x32\...\FS2Crew: PMDG 777) (Version: - )
FSDG-Graz (HKLM-x32\...\FSDG-Graz) (Version: - )
FSDreamTeam GSX FSX (HKLM-x32\...\FSDreamTeam GSX FSX_is1) (Version: 1.8.4 - VIRTUALI s.a.s.)
Fs-Etr485-T-biz (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\Fs-Etr485-T-biz) (Version: - )
FTX Global Base Pack (HKLM-x32\...\FTX Global Base Pack1.40) (Version: 1.40 - Orbx Simulation Systems Pty Ltd)
GDANSK POLAND (VERSION 3) (HKLM-x32\...\GDANSK POLAND (VERSION 3)) (Version: - )
GemPcCCID (HKLM\...\{7567A068-2F02-40D1-A34C-16D79ECD35A6}) (Version: 2.0.1 - Gemalto)
GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
GxPicture Driver Suite (HKLM-x32\...\{9E8EC8D6-1AE5-43AC-B2E8-B8B17B095DEB}) (Version: 3.70.000 - Gendex)
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
High Definition Environment v2.1 (HKLM\...\{E46C2BF4-6090-4C42-9D26-21A6B3C143AF}) (Version: 1 - Original author Pablo Diaz, FSX update by Danny Glover and Erik BENDER (Rikoooo))
IAM (HKLM-x32\...\{D41F54D9-610D-4D4F-923E-92F410113A37}) (Version: 5.17.16750 - Palodex Group)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1159 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{814F3370-B612-46FB-B16F-5B9795365292}) (Version: 19.50.1 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{01f3f6b8-1a81-4b10-b51f-f69af12e1d69}) (Version: 3.0.0.9 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{185db067-38cd-4521-a43e-c39b96ee1389}) (Version: 19.50.1 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
JetStream Designs LFML X 2013 (HKLM-x32\...\FSX_JETSTREAM_DESIGN_LFML_X_2013_is1) (Version: 1.0.0.0 - SimMarket)
Jezdecká akademie (HKLM-x32\...\Jezdecká akademie_is1) (Version: 1.0 - Game shop, s.r.o.)
JustSim - LOWL v1.1 (HKLM-x32\...\JUSTSIM-LOWL-3DC2E9CA-5C68-477C-B424-C31FB0115D68_is1) (Version: 1.1.0.0 - SimMarket)
JustSim-LEBL (HKLM-x32\...\JUSTSIM-LEBL-A3BFDE83-F8FA-4655-A4D8-019F2E6AD15C_is1) (Version: 1.2.0.0 - SimMarket)
JustSim-LFMN (HKLM-x32\...\JUSTSIM-LFMN-F99AB8EC-E05C-4F9E-B8E4-C06D6DEA3CED_is1) (Version: 1.1.0.0 - SimMarket)
KaVo Driver 17.5 (HKLM-x32\...\{6FD7505F-4499-4D7E-BE8E-29E05E1D9194}) (Version: 5.17.16750 - Palodex Group) Hidden
KaVo Driver 17.5 (HKLM-x32\...\InstallShield_{6FD7505F-4499-4D7E-BE8E-29E05E1D9194}) (Version: 5.17.16750 - Palodex Group)
KaVo Kerr Group Discovery Service (HKLM-x32\...\{18C72787-3C90-40D1-8F98-C983772934F8}) (Version: 1.0.16 - KaVo Kerr Group)
K-Lite Mega Codec Pack 12.2.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.2.5 - KLCP)
LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.1.1 - LG Electronics)
LSGG Geneva Cointrin 2015 (HKLM-x32\...\LSGG_GENEVA_COINTRIN_2015_is1) (Version: 1.0.0.0 - SimMarket)
LWSKv1.1_FSX version 1.1 (HKLM-x32\...\{D5F4C6BD-D851-4199-A79E-5CA2EAC22210}_is1) (Version: 1.1 - Ivano Marongiu | Flight simulator Scenery)
Mailsoft's - Switzerland Professional X (HKLM-x32\...\{C0E7FAD8-F8AE-4819-AEBF-D92562315EEE}) (Version: 1.00 - Mailsoft)
Majestic MJC8Q400 (HKLM-x32\...\MJC8Q400) (Version: - )
Mega Airport Dusseldorf X (HKLM-x32\...\Mega Airport Dusseldorf X) (Version: - )
Microsoft Access database engine 2010 (Spanish) (HKLM\...\{90140000-00D1-0C0A-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Flight Simulator X: Acceleration SDK (HKLM-x32\...\{CF56984D-35C6-4ADB-9075-394978A427FB}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{E75776B2-EAE5-42F9-A800-0A10763DEDF0}) (Version: 11.0.2318.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Train Simulator (HKLM-x32\...\Train Simulator 1.0) (Version: - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 61.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 61.0.2 (x64 cs)) (Version: 61.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
MSTS Activity Mover, 1.0 (HKLM-x32\...\MSTS Activity Mover_is1) (Version: - Martin Lasevič, ML software)
MSTS Patch 1.7.00819 (HKLM-x32\...\{587A2120-41D3-11DB-3D6C-00E19E4D4AE1}) (Version: 1.7.081920 - George)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version: - SEIKO EPSON Corporation)
NetTime (HKLM-x32\...\NetTime_is1) (Version: - Mark Griffiths)
NewBlue 3D Explosions for Windows (HKLM-x32\...\NewBlue 3D Explosions for Windows) (Version: 3.0 - NewBlue)
NewBlue 3D Transformations for Windows (HKLM-x32\...\NewBlue 3D Transformations for Windows) (Version: 3.0 - NewBlue)
NewBlue Art Blends for Windows (HKLM-x32\...\NewBlue Art Blends for Windows) (Version: 3.0 - NewBlue)
NewBlue Art Effects for Windows (HKLM-x32\...\NewBlue Art Effects for Windows) (Version: 3.0 - NewBlue)
NewBlue ColorFast for Windows (HKLM-x32\...\NewBlue ColorFast for Windows) (Version: 3.0 - NewBlue)
NewBlue Film Effects for Windows (HKLM-x32\...\NewBlue Film Effects for Windows) (Version: 1.4 - NewBlue)
NewBlue Light Blends for Windows (HKLM-x32\...\NewBlue Light Blends for Windows) (Version: 3.0 - NewBlue)
NewBlue Light Effects for Windows (HKLM-x32\...\NewBlue Light Effects for Windows) (Version: 3.0 - NewBlue)
NewBlue Motion Blends for Windows (HKLM-x32\...\NewBlue Motion Blends for Windows) (Version: 2.4 - NewBlue)
NewBlue Motion Effects for Windows (HKLM-x32\...\NewBlue Motion Effects for Windows) (Version: 3.0 - NewBlue)
NewBlue Paint Blends for Windows (HKLM-x32\...\NewBlue Paint Blends for Windows) (Version: 3.0 - NewBlue)
NewBlue Paint Effects for Windows (HKLM-x32\...\NewBlue Paint Effects for Windows) (Version: 3.0 - NewBlue)
NewBlue Titler Pro 2.0 for Windows (HKLM-x32\...\NewBlue Titler Pro 2.0 for Windows) (Version: 1.0 - NewBlue)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials II for Windows (HKLM-x32\...\NewBlue Video Essentials II for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials III for Windows (HKLM-x32\...\NewBlue Video Essentials III for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials IV for Windows (HKLM-x32\...\NewBlue Video Essentials IV for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials V for Windows (HKLM-x32\...\NewBlue Video Essentials V for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials VI for Windows (HKLM-x32\...\NewBlue Video Essentials VI for Windows) (Version: 3.0 - NewBlue)
NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
NVIDIA Graphics Driver 399.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 399.07 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
O&O Defrag Professional (HKLM\...\{1E7B316E-1456-477B-BA30-49A95C425496}) (Version: 20.5.603 - O&O Software GmbH)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpusFSI for FSX, FSX-SE, and Prepar3D Flight Simulators (HKLM-x32\...\{2B80493B-5263-4289-9E61-75786C2F40F2}) (Version: 4.50.2 - Opus Software Limited)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.317.1 - Tracker Software Products Ltd)
PixelMaster Video HDR (HKLM\...\{65302154-AAF6-4020-A070-76CAA9CEC8D3}) (Version: 1.1.33 - ASUS)
PKP CARGO Falns 6634732 (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\PKP CARGO Falns 6634732) (Version: - )
PKP CARGO Falns 6634755 (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\PKP CARGO Falns 6634755) (Version: - )
PKP CARGO Falns 6636358 (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\PKP CARGO Falns 6636358) (Version: - )
PKP CARGO Falns 6636483 (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\PKP CARGO Falns 6636483) (Version: - )
PKP CARGO Falns 6636841 (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\PKP CARGO Falns 6636841) (Version: - )
PKP CARGO Falns 6637493 (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\PKP CARGO Falns 6637493) (Version: - )
PKP CARGO Falns 6637671 (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\PKP CARGO Falns 6637671) (Version: - )
PMDG 737 6700 NGX Expansion FSX (HKLM-x32\...\{C7EE862A-D83D-4A9F-B746-CBDE39BD7001}) (Version: 1.10.6461 - PMDG Simulations, LLC.)
PMDG 737 8900 NGX Base Package FSX (HKLM-x32\...\{20708FD5-E94D-4097-A21E-E28564CDBC06}) (Version: 1.10.6461 - PMDG Simulations, LLC.)
PMDG 777-200LR/F Base Package FSX (HKLM-x32\...\{0F16340B-5B5B-4531-8D87-4952E3BCA6E6}) (Version: 1.10.6155 - PMDG Simulations, LLC.)
PMDG 777-300ER Expansion (HKLM-x32\...\{E65EFDE6-0864-40BA-8DDF-E31F736D9000}) (Version: 1.10.6036 - PMDG Simulations, LLC.)
Pro Cycling Manager 2017 (HKLM-x32\...\Pro Cycling Manager 2017_is1) (Version: - )
PRO-ATC/X version 1.8.5.0 (HKLM-x32\...\PRO-ATC/X_is1) (Version: 1.8.5.0 - )
Python 2.7.12 (64-bit) (HKLM\...\{9DA28CE5-0AA5-429E-86D8-686ED898C666}) (Version: 2.7.12150 - Python Software Foundation)
Python 2.7.15 (64-bit) (HKLM\...\{16CD92A4-0152-4CB7-8FD6-9788D3363617}) (Version: 2.7.15150 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RC Design - ESGG (HKLM-x32\...\RCDESIGN-ESGG-6CC4D0C0-62A1-407D-BC5E-DE8688FA6ED3_is1) (Version: 1.0.0.0 - SimMarket)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Rhone-Alpes PHOTO Vol1 (HKLM-x32\...\Rhone-Alpes PHOTO Vol1) (Version: - )
Rhone-Alpes PHOTO Vol2 (HKLM-x32\...\Rhone-Alpes PHOTO Vol2) (Version: - )
SceneryConfigEditor v1.1.9 (remove only) (HKLM-x32\...\SceneryConfigEditor) (Version: - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Signer 5.2 (HKLM-x32\...\{A3516568-BFF3-43C0-84A6-ABA553D12887}) (Version: 5.2 - Asseco Central Europe, a. s.)
SimObject Display Engine (HKLM-x32\...\{D8051A82-3D00-44E0-995D-C5E79837E26F}) (Version: 1.6.3 - 12bPilot)
Snapshot (HKLM-x32\...\{8BF7100F-267B-43A2-830F-031F05AC6EF9}) (Version: 1.0.0.73 - PaloDEx Group Oy)
Snapshot usb driver (HKLM-x32\...\{9AA34FD1-344F-4A83-AF79-D0741632AFE0}) (Version: 1.0.0.73 - PaloDEx Group Oy)
SteveFX DX10 Scenery Fixer (HKLM-x32\...\DX10SceneryFixer) (Version: - )
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
T2G Ataturk Intl Airport (HKLM-x32\...\FSX_T2G ATATURK_INTL_is1) (Version: 1.0.0.0 - SimMarket)
Train Store (Czech Language Pack) (HKLM-x32\...\Train Store (Czech Language Pack)) (Version: - )
Train Store V3.2 (HKLM-x32\...\Train Store V3.2) (Version: - )
Trať Bratislava-Brno-Praha pro MSTS verze BP90-T12OR/30.3.2016 (HKLM-x32\...\Trať Bratislava-Brno-Praha pro MSTS_is1) (Version: - Zbyněk Šemora)
TreeSize Free V4.0.3 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.0.3 - JAM Software)
UK2000 Common Library FSX (HKLM-x32\...\UK2000 Common Library FSX) (Version: 3.23 - UK2000 Scenery)
UK2000 Gatwick Xtreme FSX (HKLM-x32\...\UK2000 Gatwick Xtreme FSX) (Version: 3.00 - UK2000 Scenery)
UK2000 Heathrow Xtreme FSX (HKLM-x32\...\UK2000 Heathrow Xtreme FSX) (Version: 3.06 - UK2000 Scenery)
UK2000 Scenery - Manchester Xtreme V2 FSX (HKLM-x32\...\UK2000 Scenery - Manchester Xtreme V2 FSX) (Version: - )
UKBB - Boryspil` International FSX version 1.00 (HKLM-x32\...\{D95966D4-88B8-4899-BE5B-D23CD93C0E19}}_is1) (Version: 1.00 - InterSkyStudio)
UltimateDefrag (HKLM\...\UltimateDefrag) (Version: 5.0.14.0 - DiskTrix, Inc.)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VixWin Platinum (HKLM-x32\...\{49C6E225-8371-4DCF-BF93-18453FEE180C}) (Version: 3.50.000 - Gendex) Hidden
VixWin Platinum (HKLM-x32\...\{81695582-88F8-47A6-8431-C10617AF058A}) (Version: 3.50.000 - Gendex) Hidden
VixWin Platinum (HKLM-x32\...\{F7B7AF40-94DA-11D6-B21D-98B111DACF57}) (Version: 3.50.000 - Gendex)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
vPilot (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\vPilot) (Version: 2.1.11 - Ross Carlson)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.2.524 - ASUS Cloud Corporation)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17387 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1903383002-3755401707-383608710-1001_Classes\CLSID\{6614FE97-812C-4B8B-AD6F-83D07279BF02}\InprocServer32 -> C:\Users\Markalous\AppData\Roaming\CSAS\lib\x64\PKIComponentAX.dll (Česká spořitelna, a.s.)
CustomCLSID: HKU\S-1-5-21-1903383002-3755401707-383608710-1001_Classes\CLSID\{8616ED07-7CEA-47D2-912D-79BF20C02290}\InprocServer32 -> C:\Users\Markalous\AppData\Roaming\CSAS\lib\x64\PKIComponentAX.dll (Česká spořitelna, a.s.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ContextMenuHandlers1: [ContextMenuExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-05-30] (Google)
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2015-12-10] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2015-12-10] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Windows\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-05-30] (Google)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2015-12-10] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-30] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-08-21] (NVIDIA Corporation)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {002824BA-407F-42EA-BDDA-8B45CC2A8408} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-06-09] (ASUS)
Task: {014ADB8E-35E0-4478-8117-FA3A1509037A} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {016B7554-ABE2-4492-BFB4-EED24E93AC67} - System32\Tasks\4982n4126n2647H6893-dll => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {03218FE3-7F81-4330-8696-4F1030E2990A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-07-31] (Microsoft Corporation)
Task: {05506537-BCFA-44E3-A665-782CE90825D7} - System32\Tasks\program64\zps => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {16384FB7-FD98-4773-8021-CB461B190D97} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {1934820A-2A79-4DEA-AAC4-6D230B020332} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-11] (Dropbox, Inc.)
Task: {2347022D-8661-4425-9B0E-4DF62461ECCB} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2017-03-09] (AsusTek)
Task: {26C666B0-D335-44E4-9C4C-F1D88D204DB8} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {29557706-AF20-4C1E-B3B3-FED7E70033D1} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [2016-04-19] (Tracker Software Products (Canada) Ltd.)
Task: {322B90E7-BE19-4288-BB88-1C83181B1040} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {3ED86263-ACCA-42DE-B2A5-B9CB9415B199} - System32\Tasks\program32\zpstray => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {3FA6746D-25B5-45D8-9416-DFAA6B4CC600} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-07-19] (NVIDIA Corporation)
Task: {4246767F-9FBC-49A5-B463-F4937D44A28B} - System32\Tasks\plugin-container => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {43FA528A-41DE-423D-8566-5396380DD584} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-07-07] ()
Task: {5A663687-DEF8-4CA6-A6BE-6300EB8E1EE4} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {5D3693D9-2256-47CE-B82F-669E07B004BA} - System32\Tasks\plugin-container-exe => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {5E7A7ED2-638C-48C0-A91D-6DC1BCC36F23} - System32\Tasks\{8F7F91FB-A016-4FFA-9DE1-B7BC457744A4} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Activision\Madagascar\Launcher.exe" -d "C:\Program Files (x86)\Activision\Madagascar\"
Task: {6285AE38-4DE6-4D92-9CBC-83B8BC90581C} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6A2B0FB5-1807-4B37-A9DC-1E482A37A0FD} - System32\Tasks\{EE324FF2-D289-489A-9C7C-D2A5620F705B} => C:\WINDOWS\system32\pcalua.exe -a "D:\Program Files (x86)\Mafia II\pc\mafia2.exe" -d "D:\Program Files (x86)\Mafia II\pc"
Task: {6B124FBF-E304-46DB-A8A7-7A916D9C7F4B} - System32\Tasks\firefox => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {6e245b01-5a70-4791-ad28-093ca6102376} - no filepath
Task: {6E3F6680-ED9B-45EF-B5C2-4A2499931242} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-12] (Google Inc.)
Task: {7074AE50-9F4A-4F6C-B1B4-6E94BE9ECBD6} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {7544D5B1-3ABD-43DD-B00A-2A532ECCE173} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {8312E761-E331-4102-B93E-AB6BF75796EC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8515C27B-1369-4EE6-B614-3328C211CA34} - System32\Tasks\{052A8318-1DC2-4637-8FEB-B3615336F8A6} => C:\WINDOWS\system32\pcalua.exe -a C:\TopCD\Hřebčín\MG2.exe -d C:\TopCD\Hřebčín
Task: {8D2AF08E-796C-4F5A-9D81-532C646A83F2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {8DDBD722-5DEB-411E-BB75-218EA9B3A35E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-07-31] (Microsoft Corporation)
Task: {98D5533C-6A8C-4690-B2D4-055927E78905} - System32\Tasks\program64\zpsicfg => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {9A474722-3D49-4B11-8BF3-A3629C9DE78D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {A32D8ECE-F151-46A2-9983-8CCCF87C4A9D} - System32\Tasks\{C847CA93-563B-441E-859C-DECA5A30EE22} => C:\WINDOWS\system32\pcalua.exe -a "D:\Program Files\Launcher.exe" -d "D:\Program Files\"
Task: {A4380437-2F2F-4A69-92D1-0FF8E12771D3} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {AEDDCE37-F60C-41CA-B6FE-91CED8CCFC23} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-07-31] (Microsoft Corporation)
Task: {AF7E7051-3CE0-41A5-B41C-4932AF0F5638} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] (ASUSTek Computer Inc.)
Task: {AFE1C255-D5DC-4943-BB90-2133F2B89889} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {B27E80D9-65C8-421C-9DD6-8357EF074374} - System32\Tasks\Driver Booster SkipUAC (Markalous) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {BBE64295-D377-4775-89F4-F5AC6EB7350A} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {BF4DA918-9A88-410E-A0AB-887F68EC707D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {C5F1926A-E903-4173-8F9F-0D25FF511E2C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {C949251B-F5FA-4E08-A43A-81D71C3C829E} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {D004604A-5EE6-4E07-9A51-D77EFEE2E974} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-11] (Dropbox, Inc.)
Task: {DACDED5F-0A7B-4E3A-A7D1-343A06EB4C94} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-12] (Google Inc.)
Task: {DDB80382-E4B2-46BF-8B07-2501DE185570} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-07-19] (NVIDIA Corporation)
Task: {DFF546CD-3AF6-420D-934A-360994B52D14} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {E75EA013-F5F5-4553-94A1-50BB74D02C01} - System32\Tasks\{3EEBEAA9-E1FF-401C-BC45-D9E55409F7EE} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\WBFS\WBFS Manager 3.0\WBFSManager.exe" -d C:\Users\Markalous\Desktop
Task: {E854D6A0-EF0B-4F3E-AFCB-CBCBFD4F8882} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {EDB99C48-99AA-4A42-A775-6A091160C929} - System32\Tasks\EPSON XP-530 Series Update {C6EA1A74-8CBC-4115-8FBF-7D18D30037EB} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPME.EXE [2013-11-21] (SEIKO EPSON CORPORATION)
Task: {F3078371-C996-4E0C-A133-9FEC5FA81174} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-07-19] (NVIDIA Corporation)
Task: {F4D6BF70-7DCE-49C6-AEE7-2FF44A33B7D3} - System32\Tasks\EPSON XP-530 Series Update {A37DACDA-2E2C-445F-ABFD-7B353E4DF652} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPME.EXE [2013-11-21] (SEIKO EPSON CORPORATION)
Task: {FA31261C-3816-4C46-B63F-BB0463DCEFEE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-07-31] (Microsoft Corporation)
Task: {FD9E2364-5FE1-4AE1-B443-752654C21132} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-14] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON XP-530 Series Update {A37DACDA-2E2C-445F-ABFD-7B353E4DF652}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPME.EXE:/EXE:{A37DACDA-2E2C-445F-ABFD-7B353E4DF652} /F:UpdateWORKGROUP\MARKALOUSOVO$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-530 Series Update {C6EA1A74-8CBC-4115-8FBF-7D18D30037EB}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPME.EXE:/EXE:{C6EA1A74-8CBC-4115-8FBF-7D18D30037EB} /F:UpdateWORKGROUP\MARKALOUSOVO$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-02-14 16:09 - 2012-05-12 02:27 - 000473088 _____ () C:\Program Files (x86)\NetTime\NetTimeService.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-06-13 14:07 - 2018-07-19 22:20 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-08-15 12:13 - 2018-08-03 05:09 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-06-13 14:07 - 2018-07-19 22:19 - 095437352 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-06-13 14:07 - 2018-07-19 22:19 - 003029032 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
2018-06-13 14:07 - 2018-07-19 22:19 - 000149544 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
2018-07-25 11:42 - 2018-07-25 11:42 - 004383232 _____ () C:\Program Files\WindowsApps\Microsoft.OneConnect_5.1807.1991.0_x64__8wekyb3d8bbwe\OneConnect.dll
2017-10-23 12:41 - 2017-10-23 12:41 - 000272384 _____ () C:\Program Files (x86)\PaloDEx Group\IAM\FusionLib.dll
2017-10-24 09:25 - 2017-10-24 09:25 - 000588320 _____ () C:\Program Files (x86)\PaloDEx Group\IAM\s2find.dll
2018-08-17 08:42 - 2018-08-17 08:42 - 000679936 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ECommunicat2762b435#\44a49cc1bb9417e8730f8813c003733a\ECommunicationServerPgPersistor.ni.dll
2018-08-17 08:42 - 2018-08-17 08:42 - 000391680 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\cgm.servermanager\1ee9c23e732128712209880658e6f365\cgm.servermanager.ni.dll
2018-06-13 14:07 - 2018-07-19 22:19 - 001032744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-07-10 08:05 - 2018-07-10 08:05 - 017145856 _____ () C:\PROGRAM FILES (X86)\DIALOG MIS\DIALOG_BITMAPS.DLL
2014-05-07 09:34 - 2014-05-07 09:34 - 000200704 _____ () C:\Program Files (x86)\Dialog MIS\DialogCom.dll
2018-08-16 22:31 - 2018-08-16 22:31 - 000173568 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MSQLclio\9f71f5076e3dd8127aeb6f82ca31c0e6\MSQLclio.ni.dll
2016-06-30 08:33 - 2016-06-30 08:33 - 001359872 _____ () C:\Program Files (x86)\Dialog MIS\DialogVbImage.ocx
2005-07-20 12:48 - 2005-07-20 12:48 - 000059904 _____ () C:\Program Files (x86)\Dialog MIS\zlib1.dll
2017-05-29 16:07 - 2017-05-29 16:07 - 000913482 _____ () C:\Program Files (x86)\Dialog MIS\DialogVbRichEdit.ocx
2008-04-17 12:41 - 2008-04-17 12:41 - 000040960 _____ () C:\Program Files (x86)\Dialog MIS\DialogVbPedal.ocx
2010-04-18 15:34 - 2010-04-18 15:34 - 000904704 _____ () C:\Program Files (x86)\Dialog MIS\System.Data.SQLite.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:74603393 [122]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\business24.cz -> hxxps://www.business24.cz
IE trusted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\cpzp.cz -> hxxps://portal.cpzp.cz
IE trusted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\ozp.cz -> hxxps://portal.ozp.cz
IE trusted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\portalzp.cz -> hxxps://www.portalzp.cz
IE trusted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\rbp-zp.cz -> hxxps://portal.rbp-zp.cz
IE trusted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\servis24.cz -> hxxps://www.servis24.cz
IE trusted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\vozp.cz -> hxxps://portal.vozp.cz
IE trusted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\zpskoda.cz -> hxxps://portal.zpskoda.cz
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\100sexlinks.com -> 100sexlinks.com
There are 4746 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 13:04 - 2017-09-09 18:42 - 000000859 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 secure.prepar3d.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Markalous\Desktop\Fotky\20180204_143541.jpg
HKU\S-1-5-21-1903383002-3755401707-383608710-1002\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\startupreg: EaseUS TB Tray Agent => "c:\program files (x86)\easeus\traypopup\traytipagent.exe"
MSCONFIG\startupreg: GoogleChromeAutoLaunch_5D7D4019F38896730918709ABCFDAEC2 => "c:\program files (x86)\google\chrome\application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: WebStorage => c:\program files (x86)\asus\webstorage\2.2.2.524\asuswsloader.exe
HKLM\...\StartupApproved\Run32: => "WebStorage"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "GameFirst3reboot"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"
HKLM\...\StartupApproved\Run32: => "EaseUS TB Tray Agent"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM Tray Agent"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "DSATray"
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\StartupApproved\StartupFolder: => "Microsoft Outlook 2010.lnk"
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_5D7D4019F38896730918709ABCFDAEC2"
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\StartupApproved\Run: => "GoogleDriveSync"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{7933CA56-884E-4C50-94E9-EED22B2DCD2F}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{575B8C41-CEA6-40C9-B464-534223448503}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{ACBD80E4-21A4-47EB-92D7-16EF88133027}] => (Allow) LPort=9898
FirewallRules: [{96DDB0C3-37AE-4212-9712-DB50A3753A51}] => (Allow) C:\Program Files (x86)\PaloDEx Group\IAM\broker_proxy.exe
FirewallRules: [{AC027803-40EB-4C54-BC14-9FC13678655A}] => (Allow) C:\Program Files (x86)\PaloDEx Group\IAM\nci_broker.exe
FirewallRules: [{BF0D8F75-C4D9-457B-9357-F9B600BC0130}] => (Allow) LPort=11177
FirewallRules: [{F5E0B752-C347-4009-A34F-D41B5545DA18}] => (Allow) C:\Program Files (x86)\NetTime\NetTimeService.exe
FirewallRules: [{72D96BBB-8800-41B0-82D7-3A1B2E0B7B18}] => (Allow) C:\WINDOWS\system32\hasplms.exe
FirewallRules: [{8DE95470-22F3-48B4-8B16-4B236E1EED20}] => (Allow) C:\Program Files (x86)\KaVo Kerr Group\Discovery Service\mDNSResponder.exe
FirewallRules: [{9F0C4E04-C7D9-4E3B-BA85-0DB0C00D12C5}] => (Allow) C:\Program Files (x86)\KaVo Kerr Group\Discovery Service\mDNSResponder.exe
FirewallRules: [{07A0C862-A231-440B-91A4-1D0D68EE349C}] => (Block) C:\Program Files (x86)\Raize\CS5\Bin\CSDispatcher.exe
FirewallRules: [{0E1CBD3B-4E00-4A8F-AD01-F2D6A9AD049C}] => (Allow) C:\WINDOWS\system32\hasplms.exe
FirewallRules: [{CE5C2DDE-41CC-44B7-A898-E524EFC3E456}] => (Block) %ProgramFiles% (x86)\PMDG Operations Center\PMDG Operations Center.exe
FirewallRules: [{A97D7FC8-5F2B-499E-8295-33A2C7F48706}] => (Block) %ProgramFiles% (x86)\PMDG Operations Center\PMDG Operations Center.exe
FirewallRules: [{5C20292F-72BB-4524-AF55-2D655F2F5C6C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{D8818536-9601-42B8-9572-BDA14A54B18B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8DA9F0D1-2771-4A2F-A61F-DACBFDC46AB6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{65E9D051-93AC-4E29-A998-54E005808531}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{428F0C21-FC71-42DA-B56A-607C681143AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [UDP Query User{515648F3-1E8F-4BD5-AC37-AAB0719C46D6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{F89C4F30-FFCA-40C0-B677-4A3ADEEE5648}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{A3826635-8963-4A37-A80D-04105211A430}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{5BD93084-CC72-44C7-8775-EE5C1BE72A5A}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{6AB1C6EA-72CD-4E1B-A2EB-30A8A015DE82}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [UDP Query User{2ADAD91F-9FD4-4AE3-859D-8ADCF73A908D}C:\users\markalous\appdata\roaming\utorrent\updates\3.4.9_42606.exe] => (Allow) C:\users\markalous\appdata\roaming\utorrent\updates\3.4.9_42606.exe
FirewallRules: [TCP Query User{FC409EC1-4E6F-4B8C-8927-00EDDE1DB807}C:\users\markalous\appdata\roaming\utorrent\updates\3.4.9_42606.exe] => (Allow) C:\users\markalous\appdata\roaming\utorrent\updates\3.4.9_42606.exe
FirewallRules: [{338A0273-8A76-4540-B9DB-CE5345AC205D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{C5A10B5E-6E10-48E0-B5BD-540CD6892483}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{52752A48-319C-4CD5-BA50-DE46C4E1802C}] => (Allow) C:\Program Files (x86)\uTorrent\utorrent.exe
FirewallRules: [{485A45E6-3AF7-475F-9F19-88237C4FA440}] => (Allow) C:\Program Files (x86)\uTorrent\utorrent.exe
FirewallRules: [{A761441B-3FC3-47A7-BEA5-0A261DBCE02F}] => (Allow) LPort=12381
FirewallRules: [{31606E01-048C-416B-9B7F-0FCB72369526}] => (Allow) LPort=12343
FirewallRules: [{B2314127-9F03-4B1D-86E6-F430EF9CCC9F}] => (Allow) LPort=12381
FirewallRules: [{C9AE77F6-D7E8-4D8B-BB56-B41FDD5BD6E4}] => (Allow) LPort=12343
FirewallRules: [{50CA420A-001F-47DA-892A-278C73B4FE0C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EA7A084D-90FD-445A-B8B7-659F0B1D57A6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{508B2F13-5D82-4409-94E4-9E0BBE1DADEF}] => (Allow) C:\Windows\SysWOW64\ftp.exe
FirewallRules: [{F52FECEC-CC27-460A-813D-143597B533B7}] => (Allow) C:\Windows\SysWOW64\ftp.exe
FirewallRules: [{D46FEA6F-5BD8-4C67-9D5C-144B725F5C6B}] => (Allow) C:\Windows\system32\ftp.exe
FirewallRules: [{2DDA64EA-4E53-4769-BB4F-7CFB08C2F8A2}] => (Allow) C:\Windows\system32\ftp.exe
FirewallRules: [{62E64556-435E-4EC2-B13B-711366A6B1BD}] => (Allow) C:\WINDOWS\system32\ftp.exe
FirewallRules: [{A5C0EDF4-25AF-4822-97AF-B02876C0582D}] => (Allow) C:\WINDOWS\system32\ftp.exe
FirewallRules: [{7535A8C7-C7FF-47B0-8923-791042F6DC54}] => (Allow) C:\WINDOWS\system32\ftp.exe
FirewallRules: [{3C822DE0-7634-4181-A0F2-057887A8CB8E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BBEAF73A-393A-453D-82DD-F1DF733AA3B6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3902E867-5A39-42BC-9433-5F7B61FC3871}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{2754EFB9-82F0-4F2D-8E54-44B2014FBEF4}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{CB8F2262-42F2-4D78-B97D-D32725599C7B}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{D060F959-161D-45EA-8759-1C1322F953DD}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{0B861E62-F239-43F8-8D95-D51AE2127D3A}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{B112EE07-A155-489F-866C-3ED64EFFC9D3}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{34FCB938-D539-4F8F-BA6F-F8CC88CAE877}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{59C9483D-987B-42E8-AD39-5B2801692E15}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [TCP Query User{746F87AC-923E-42E7-8F50-D6D8D73A465B}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [UDP Query User{C294D4C3-00D6-4D17-B1CF-0179EE52CAE4}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [{AE557AF6-9F55-4538-8DD9-82CE08BE984F}] => (Allow) LPort=12343
FirewallRules: [{62D69F45-282A-44D4-B3EA-1D9C3FD44163}] => (Allow) LPort=12381
FirewallRules: [TCP Query User{733BBA2E-07B0-4C74-880E-65D639F408AB}C:\games\pro cycling manager 2017\pcm64.exe] => (Allow) C:\games\pro cycling manager 2017\pcm64.exe
FirewallRules: [UDP Query User{A62A4E07-1A22-4155-8466-9FF6C27757D6}C:\games\pro cycling manager 2017\pcm64.exe] => (Allow) C:\games\pro cycling manager 2017\pcm64.exe
FirewallRules: [{1383922E-B698-492D-81C5-D5D58F0EF223}] => (Allow) LPort=12343
FirewallRules: [{1FB90FA7-8F72-4B01-B6D4-80FF94804D80}] => (Allow) LPort=12381
FirewallRules: [{7034E82B-BCE5-4F9C-B6E9-3D0A6CCA5C3A}] => (Allow) C:\Users\Markalous\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{66D71B0B-4C09-4A8B-982B-50B96BFA95B2}] => (Allow) C:\Users\Markalous\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{351FBAAC-9E5E-4D06-B34E-045945329D2D}] => (Allow) C:\Users\Markalous\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A8B02A75-516A-468E-9881-16F8F3C6E02A}] => (Allow) C:\Users\Markalous\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{F78210FC-E1FB-41E3-BCBD-0D2631F74442}] => (Allow) C:\Users\Markalous\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{34C9391B-49D1-44DB-829A-02001A751EDF}] => (Allow) C:\Users\Markalous\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BF76239D-3463-47F2-8CCC-CFE206B37ED9}] => (Allow) LPort=12343
FirewallRules: [{E8F2DBD4-C798-4C5D-A063-DD66F045D7BE}] => (Allow) LPort=12381
FirewallRules: [{ABAF39C2-25E2-48CD-AD0B-A4948921B1F2}] => (Block) D:\FSX\FS2Crew2010\Versions\PMDG737NGXRB\FS2Crew_NGX_Reboot_Configurator.exe
FirewallRules: [{02F5D20B-E23F-4E23-8484-112636EC552C}] => (Block) D:\FSX\FS2Crew2010\Versions\PMDG737NGXRB\FS2Crew_NGX_Reboot_Configurator.exe
FirewallRules: [{9AAD84F3-65DB-4BEA-AB48-8818B3931963}] => (Block) D:\FSX\FS2Crew2010\Versions\PMDG737NGXRB\FS2Crew_NGX_Reboot_Configurator.exe
FirewallRules: [TCP Query User{955777F3-11A8-4689-9A02-B3EFA260ED17}D:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe] => (Block) D:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe
FirewallRules: [UDP Query User{4BB09C5A-2ECB-48CC-92AB-FCDF08D1A407}D:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe] => (Block) D:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe
FirewallRules: [{DB3C2BDA-006F-42F0-AA79-C76381B5C16D}] => (Block) D:\FSX\FS2Crew2010\Versions\PMDG777\FS2Crew777.exe
FirewallRules: [{2DA23F1D-2C11-4813-AD77-96B9CC4BC4C3}] => (Block) D:\FSX\FS2Crew2010\Versions\PMDG777\FS2Crew777.exe
FirewallRules: [{8AB954CD-CC77-49F6-81EA-5EE870000A74}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B15D30D4-5142-480A-A94F-10EF0C14855C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{7FB656C7-3C6A-4292-96C3-DFB45044961F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{48F05147-DACF-42EE-8EDD-DDEEED001E31}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{1900596E-10D7-408F-8FCD-B722600C48F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F504D394-8F3F-47DB-8B29-D1D58E6F5792}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EDE432DB-4C9D-4D1B-A099-130FBF4F6C8B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
==================== Restore Points =========================
17-08-2018 09:43:40 Instalační služba modulů systému Windows
19-08-2018 11:46:52 Instalační služba modulů systému Windows
20-08-2018 13:44:24 Instalační služba modulů systému Windows
21-08-2018 19:45:15 Instalační služba modulů systému Windows
22-08-2018 21:18:15 Instalační služba modulů systému Windows
23-08-2018 23:19:56 Instalační služba modulů systému Windows
25-08-2018 17:06:04 Instalační služba modulů systému Windows
27-08-2018 09:18:21 Instalační služba modulů systému Windows
28-08-2018 11:17:43 Instalační služba modulů systému Windows
29-08-2018 13:18:17 Instalační služba modulů systému Windows
30-08-2018 23:20:49 Instalační služba modulů systému Windows
01-09-2018 17:38:34 Instalační služba modulů systému Windows
02-09-2018 21:19:20 Instalační služba modulů systému Windows
03-09-2018 22:43:57 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/03/2018 11:38:41 PM) (Source: kkgdiscovery) (EventID: 100) (User: )
Description: Task Scheduling Error: *** 2 potential causes identified (significant only if the same cause consistently appears)
Error: (09/03/2018 11:38:41 PM) (Source: kkgdiscovery) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7672
Error: (09/03/2018 11:38:41 PM) (Source: kkgdiscovery) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7672
Error: (09/03/2018 11:38:41 PM) (Source: kkgdiscovery) (EventID: 100) (User: )
Description: Task Scheduling Error: *** Continuously busy for more than a second
Error: (09/03/2018 11:38:40 PM) (Source: kkgdiscovery) (EventID: 100) (User: )
Description: Task Scheduling Error: *** 2 potential causes identified (significant only if the same cause consistently appears)
Error: (09/03/2018 11:38:40 PM) (Source: kkgdiscovery) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6422
Error: (09/03/2018 11:38:40 PM) (Source: kkgdiscovery) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6422
Error: (09/03/2018 11:38:40 PM) (Source: kkgdiscovery) (EventID: 100) (User: )
Description: Task Scheduling Error: *** Continuously busy for more than a second
System errors:
=============
Error: (09/04/2018 07:56:57 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/04/2018 07:54:13 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/04/2018 07:54:13 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/04/2018 07:54:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/03/2018 08:50:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/03/2018 08:50:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/03/2018 08:49:05 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Optimalizace doručení service did not respond on starting.
Error: (09/03/2018 08:44:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Windows Defender:
===================================
Date: 2018-08-29 13:46:43.138
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C1977885-492B-40ED-9BA0-1468595CEE7D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2018-08-29 13:19:15.816
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D748B77D-B9A7-49CB-8867-9D148B54688A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2018-08-22 15:32:02.665
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {794F2DFD-BDE3-42F4-8D88-B84945C7A5B5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: MARKALOUSOVO\Markalous
Date: 2018-08-22 11:36:30.390
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {6E97A642-833D-42D0-B515-4B0A5C722739}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2018-08-17 08:49:00.686
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {BD9AC815-D17C-4982-A272-FE8311BAA406}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2018-08-12 18:44:59.705
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.273.1073.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15100.1
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.
Date: 2018-08-12 18:44:59.704
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.273.1073.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15100.1
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.
Date: 2018-08-12 18:44:59.704
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.273.1073.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15100.1
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.
Date: 2018-08-12 18:44:56.200
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace: Uživatel
Typ podpisu:
Typ aktualizace:
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.
Date: 2018-08-12 18:44:56.177
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace: Uživatel
Typ podpisu:
Typ aktualizace:
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4200H CPU @ 2.80GHz
Percentage of memory in use: 20%
Total physical RAM: 16273.07 MB
Available physical RAM: 12907.59 MB
Total Virtual: 19345.07 MB
Available Virtual: 15728.36 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:371.85 GB) (Free:129.54 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:192.5 GB) NTFS
\\?\Volume{372170a0-9323-42de-bb0d-b1aae873c7a6}\ (RECOVERY) (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS
\\?\Volume{4edfeafc-87e0-4f1b-acc3-23b6275c68fd}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2A2744EF)
Partition: GPT.
==================== End of Addition.txt ============================
-------------------------------------------
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.09.2018 03
Ran by Markalous (04-09-2018 08:01:09)
Running from C:\Users\Markalous\Desktop
Windows 10 Home Version 1803 17134.228 (X64) (2018-05-20 11:01:16)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1903383002-3755401707-383608710-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1903383002-3755401707-383608710-503 - Limited - Disabled)
Guest (S-1-5-21-1903383002-3755401707-383608710-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1903383002-3755401707-383608710-1004 - Limited - Enabled)
kavokerr_nci_user (S-1-5-21-1903383002-3755401707-383608710-1002 - Limited - Enabled) => C:\Users\kavokerr_nci_user
Markalous (S-1-5-21-1903383002-3755401707-383608710-1001 - Administrator - Enabled) => C:\Users\Markalous
WDAGUtilityAccount (S-1-5-21-1903383002-3755401707-383608710-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . (HKLM\...\{8FD6FE5A-E1E1-47F3-BBE6-FE2B1364DCB8}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{2394186A-5445-4293-B739-352009350342}) (Version: 3.0.0.9 - Intel) Hidden
µTorrent (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
Acoustica CD/DVD Label Maker (HKLM-x32\...\Acoustica CD/DVD Label Maker) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Reader 8.1.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A81100000003}) (Version: 8.1.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.8.198 - Adobe Systems, Inc.)
Aerosoft's - Airbus A320-A321 - FSX (HKLM-x32\...\Airbus A320-A321 - FSX) (Version: 1.30 - Aerosoft)
aerosoft's - Approaching Innsbruck X (HKLM-x32\...\{70864384-DD19-44CB-A999-A917F32F623D}) (Version: 1.20 - aerosoft)
Aerosoft's - Bergen X - FSX (HKLM-x32\...\Bergen X - FSX) (Version: 1.04 - Aerosoft)
Aerosoft's - German Airports 1 - Stuttgart - FSX (HKLM-x32\...\German Airports 1 - Stuttgart - FSX) (Version: 2.00 - Aerosoft)
aerosoft's - German Airports 2 - 2012 (FSX) (HKLM-x32\...\{01C3630A-7FD2-46DF-B514-A4B829B0021A}) (Version: 1.01 - aerosoft)
aerosoft's - German Airports 3 - 2012 (FSX) (HKLM-x32\...\{857D0DD6-42D4-4BD7-B299-EA70A064302D}) (Version: 1.04 - aerosoft)
Aerosoft's - Luxembourg Airports (HKLM-x32\...\{F293A032-EB67-4ADC-8646-F1AA7F9E0143}) (Version: 3.20 - Aerosoft)
aerosoft's - Mega Airport Amsterdam FSX (HKLM-x32\...\{0A297C87-BF52-43FD-AD75-EE72228E4457}) (Version: 1.04 - aerosoft)
Aerosoft's - Mega Airport Brussels X (HKLM-x32\...\{CB858C75-8537-4B71-9080-2A4F7D51F128}) (Version: 1.01 - Aerosoft)
Aerosoft's - Mega Airport Budapest (HKLM-x32\...\{AD6C554F-5050-40B1-B84D-51D74A09C7E4}) (Version: 2.00 - Aerosoft)
Aerosoft's - Mega Airport Frankfurt 2.0 - FSX (HKLM-x32\...\Mega Airport Frankfurt 2.0 - FSX) (Version: 2.10 - Aerosoft)
Aerosoft's - Mega Airport Helsinki - FSX (HKLM-x32\...\Mega Airport Helsinki - FSX) (Version: 1.20 - Aerosoft)
Aerosoft's - Mega Airport Lisbon V2.0 - FSX (HKLM-x32\...\Mega Airport Lisbon V2.0 - FSX) (Version: 2.01 - Aerosoft)
aerosoft's - Mega Airport Madrid Barajas (HKLM-x32\...\{8233F99B-C4C2-44E9-8486-374E9B300BF2}) (Version: 1.02 - aerosoft)
Aerosoft's - Mega Airport Oslo 2.0 - FSX (HKLM-x32\...\Mega Airport Oslo 2.0 - FSX) (Version: 1.07 - Aerosoft)
Aerosoft's - Mega Airport Prag - FSX (HKLM-x32\...\Mega Airport Prag - FSX) (Version: 1.05 - Aerosoft)
Aerosoft's - Mega Airport Rome - FSX (HKLM-x32\...\Mega Airport Rome - FSX) (Version: 1.02 - Aerosoft)
Aerosoft's - Mega Airport Zurich V2.0 - FSX (HKLM-x32\...\Mega Airport Zurich V2.0 - FSX) (Version: 1.04 - Aerosoft)
Aerosoft's - Milan Malpensa X - FSX (HKLM-x32\...\Milan Malpensa X - FSX) (Version: 1.14 - Aerosoft)
Aerosoft's - Napoli X - FSX (HKLM-x32\...\Napoli X - FSX) (Version: 1.00 - Aerosoft)
aerosoft's - Venice X (HKLM-x32\...\{74F493A2-1264-4BF2-A135-0184C68BD580}) (Version: 1.00 - aerosoft)
Aerosoft's - VFR Germany 3 (HKLM-x32\...\{61C6337D-EDF5-43F0-9E50-541A389070BD}) (Version: 1.00 - Aerosoft)
Afl0Sim Henri Coanda Airport version 2.4 (HKLM-x32\...\{DA8D38A8-6ECF-4B45-88CC-0A1F00151376}_is1) (Version: 2.4 - Afl0Sim)
AFX Professional License (HKLM-x32\...\afxpro) (Version: - )
Age of Empires II HD (c) Microsoft Studios version 1 (HKLM-x32\...\QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1) (Version: 1 - )
Age of Empires II: HD Edition - Slovenčina (HKLM-x32\...\{9E8F3F5F-6067-4578-B2A8-97DD49B918AB}_is1) (Version: 5.7.0 - Miro "Valec" Valko)
AivlaSoft EFB (HKLM-x32\...\AivlaSoft EFB) (Version: 1.6.8 - AivlaSoft )
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.4.0 - ASUSTeK COMPUTER INC.)
ASUS GIFTBOX Desktop (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 1.1.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.18 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.11.0001 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.30 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0039 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.91 - ICEpower a/s)
AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.6 - GPL Public release.)
Backup and Sync from Google (HKLM\...\{AEFBDB5B-899F-4AE6-B789-BA56A652A476}) (Version: 3.42.9858.3671 - Google, Inc.)
BCC 7 OFX 64Bit (HKLM\...\{05D8FAA8-958E-4E47-96DA-F1E043EB01E5}) (Version: 7.0.4 - Boris FX, Inc.)
Boris Continuum Complete 9 OFX for Sony (64-Bit) (HKLM\...\{3DF67BF0-17E8-4537-951C-758102AB87F7}) (Version: 9.0.2005 - Boris FX, Inc.)
Boris FX 10 (64 Bit) (HKLM\...\{BAF3FFCF-4BFC-42C9-A5F3-EF5F55615C29}) (Version: 10.0.1 - Boris FX, Inc.)
Canon MP500 (HKLM\...\{BA4DF4C3-196E-4128-969A-00996B5A46F8}) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
ČD Bee 509 (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\ČD Bee 509) (Version: - )
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6140 - CDBurnerXP)
CLINIVIEW Server Discovery (HKLM-x32\...\{F9316000-808E-453D-8DDF-BE19BE849C7E}) (Version: 1.0.0.3 - Instrumentarium Dental) Hidden
CLINIVIEW Server Discovery (HKLM-x32\...\InstallShield_{F9316000-808E-453D-8DDF-BE19BE849C7E}) (Version: 1.0.0.3 - Instrumentarium Dental)
CodeSite Tools 5.1.4 (HKLM-x32\...\CodeSite Tools 5.1.4) (Version: 5.0 - Raize Software, Inc.)
CompuGroup Medical - (PC DOKTOR / PC DENT) (HKLM-x32\...\{81F07A4F-A47E-4E0F-A75D-D24BD09BB2D8}) (Version: 3.8.1.9893 - CompuGroup Medical Česká republika s.r.o.)
CompuGroup Medical - Brevíř (HKLM-x32\...\{2ED5E236-8C33-44A9-8A5E-64780464A80E}) (Version: 1.0.42.142 - CGM)
CompuGroup Medical - CGM SERVER (HKLM-x32\...\{8FE2C676-72E8-4024-9066-710FE32112E8}) (Version: 1.0.0.685 - CompuGroup Medical Česká republika s.r.o.)
CompuGroup Medical - Ecommunication (HKLM-x32\...\{3850A53F-8A0E-45E1-9F11-D801237D3694}) (Version: 1.4.183.215 - CompuGroup Medical Česká republika s.r.o.)
CompuGroup Medical - eTržby (HKLM-x32\...\{078BC37F-7DBE-49D6-BF20-1516FEEFBDAD}) (Version: 1.1.60.65 - CompuGroup Medical Česká republika s.r.o.)
CompuGroup Medical - Kniha objednávek (HKLM-x32\...\{CF314AF7-682B-4C77-B164-6FB0080D2726}) (Version: 1.1.1324.990 - CompuGroup Medical Česká republika s.r.o.)
CompuGroup Medical - MEDICAL NET (HKLM-x32\...\{0726B7A2-A8F4-4BE1-A086-A93E9A5BA5BC}) (Version: 4.8.0.346 - CompuGroup Medical Česká republika s.r.o.)
ConBuilder (HKLM-x32\...\ConBuilder) (Version: 2.03.0002 - WeiRuan)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.52 - Conexant)
CPUID HWMonitor 1.35 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.35 - CPUID, Inc.)
CryptoPlus CS v1.0e (HKLM-x32\...\CryptoPlus CS v1.0e) (Version: 2.0.9 - Monet+,a.s.)
CryptoPlus CS v1.0e x64 (HKLM\...\CryptoPlus CS v1.0e) (Version: 2.0.9 - Monet+,a.s.)
Cue Club 2 (HKLM-x32\...\{098DBB93-C612-41A1-9354-8AFE9A411E92}_is1) (Version: 1.0 - Bulldog Interactive)
CueClub (HKLM-x32\...\{AF6ECA04-F2CC-11D3-9D68-0020781864F1}) (Version: - )
CyberLink PhotoDirector 5 (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)
Digital Design Salzburg (HKLM-x32\...\DIGITALDESIGN-ZALZBURG-5AA2B000-276D-409B-B8E2-0~36C3D109_is1) (Version: 1.0.0.0 - SimMarket)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 399.07 - NVIDIA Corporation) Hidden
Document Express DjVu Plug-in (HKLM\...\{3677A6FF-9C6F-48B7-B0DC-E958C2FE4FFF}) (Version: 6.1.35472 - Cuminas Corporation)
Dropbox (HKLM-x32\...\Dropbox) (Version: 10.4.26 - Dropbox, Inc.)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.27.37 - Dropbox, Inc.) Hidden
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
EaseUS Partition Master 10.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
EaseUS Todo Backup Free 9.0 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 9.0 - CHENGDU YIWO Tech Development Co., Ltd)
Easy Photo Scan (HKLM-x32\...\{93AEF2AF-86FB-42AD-8392-5DAEC0638B1A}) (Version: 1.00.0012 - Seiko Epson Corporation)
E-Jets v2 World Airliners 1 (v1.0b021) (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\E-Jets v2 World Airliners 1 (v1.0b021)) (Version: - )
E-Jets v2 World Airliners 2 (v1.1b024) (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\E-Jets v2 World Airliners 2 (v1.1b024)) (Version: - )
EKCH Copenhagen Airport, Kastrup X (HKLM-x32\...\{9D5BFBF1-EB38-4AE1-A833-4F564B999CE3}) (Version: 2.0 - Scansim)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Epson Easy Photo Print 2 (HKLM-x32\...\{F05A434E-D3CF-4B44-9D3E-779D42090781}) (Version: 2.8.0.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON Manuals (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.54.0.0 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{60A3CB9F-4429-4C7A-AA97-77CC4FE10671}) (Version: 4.4.9 - Seiko Epson Corporation)
EPSON XP-530 Series Printer Uninstall (HKLM\...\EPSON XP-530 Series) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Explorer Suite IV (HKLM\...\Explorer Suite_is1) (Version: - )
FeelThere E-Jets v.2 (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\FeelThere E-Jets v.2) (Version: - )
Flight One Software - T182T Skylane TC FSX (HKLM-x32\...\F1T182T) (Version: 1.5 - Flight One Software)
Flight Simulator X (HKLM-x32\...\RTMshadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: - )
Flight1 Citation Mustang (HKLM-x32\...\f1mustang_FSX) (Version: 1.08a - Flight One Software)
Flight1 King Air B200 for FSX (HKLM-x32\...\Flight1 King Air B200 for FSX1.3) (Version: 1.3 - Flight One Software)
FS ETR Pack (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\FS ETR Pack) (Version: - )
FS Water Configurator 3.15 (HKLM\...\FS Water Configurator) (Version: - )
FS2Crew: Aerosoft Airbus X Voice Control (HKLM-x32\...\FS2Crew: Aerosoft Airbus X Voice Control) (Version: - )
FS2Crew: Majestic Dash 8 Q400 Special Bundle Pack (HKLM-x32\...\FS2Crew: Majestic Dash 8 Q400 Special Bundle Pack) (Version: - )
FS2Crew: PMDG 737 NGX Reboot Edition (HKLM-x32\...\FS2Crew: PMDG 737 NGX Reboot Edition) (Version: - )
FS2Crew: PMDG 777 (HKLM-x32\...\FS2Crew: PMDG 777) (Version: - )
FSDG-Graz (HKLM-x32\...\FSDG-Graz) (Version: - )
FSDreamTeam GSX FSX (HKLM-x32\...\FSDreamTeam GSX FSX_is1) (Version: 1.8.4 - VIRTUALI s.a.s.)
Fs-Etr485-T-biz (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\Fs-Etr485-T-biz) (Version: - )
FTX Global Base Pack (HKLM-x32\...\FTX Global Base Pack1.40) (Version: 1.40 - Orbx Simulation Systems Pty Ltd)
GDANSK POLAND (VERSION 3) (HKLM-x32\...\GDANSK POLAND (VERSION 3)) (Version: - )
GemPcCCID (HKLM\...\{7567A068-2F02-40D1-A34C-16D79ECD35A6}) (Version: 2.0.1 - Gemalto)
GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
GxPicture Driver Suite (HKLM-x32\...\{9E8EC8D6-1AE5-43AC-B2E8-B8B17B095DEB}) (Version: 3.70.000 - Gendex)
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
High Definition Environment v2.1 (HKLM\...\{E46C2BF4-6090-4C42-9D26-21A6B3C143AF}) (Version: 1 - Original author Pablo Diaz, FSX update by Danny Glover and Erik BENDER (Rikoooo))
IAM (HKLM-x32\...\{D41F54D9-610D-4D4F-923E-92F410113A37}) (Version: 5.17.16750 - Palodex Group)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1159 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{814F3370-B612-46FB-B16F-5B9795365292}) (Version: 19.50.1 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{01f3f6b8-1a81-4b10-b51f-f69af12e1d69}) (Version: 3.0.0.9 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{185db067-38cd-4521-a43e-c39b96ee1389}) (Version: 19.50.1 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
JetStream Designs LFML X 2013 (HKLM-x32\...\FSX_JETSTREAM_DESIGN_LFML_X_2013_is1) (Version: 1.0.0.0 - SimMarket)
Jezdecká akademie (HKLM-x32\...\Jezdecká akademie_is1) (Version: 1.0 - Game shop, s.r.o.)
JustSim - LOWL v1.1 (HKLM-x32\...\JUSTSIM-LOWL-3DC2E9CA-5C68-477C-B424-C31FB0115D68_is1) (Version: 1.1.0.0 - SimMarket)
JustSim-LEBL (HKLM-x32\...\JUSTSIM-LEBL-A3BFDE83-F8FA-4655-A4D8-019F2E6AD15C_is1) (Version: 1.2.0.0 - SimMarket)
JustSim-LFMN (HKLM-x32\...\JUSTSIM-LFMN-F99AB8EC-E05C-4F9E-B8E4-C06D6DEA3CED_is1) (Version: 1.1.0.0 - SimMarket)
KaVo Driver 17.5 (HKLM-x32\...\{6FD7505F-4499-4D7E-BE8E-29E05E1D9194}) (Version: 5.17.16750 - Palodex Group) Hidden
KaVo Driver 17.5 (HKLM-x32\...\InstallShield_{6FD7505F-4499-4D7E-BE8E-29E05E1D9194}) (Version: 5.17.16750 - Palodex Group)
KaVo Kerr Group Discovery Service (HKLM-x32\...\{18C72787-3C90-40D1-8F98-C983772934F8}) (Version: 1.0.16 - KaVo Kerr Group)
K-Lite Mega Codec Pack 12.2.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.2.5 - KLCP)
LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.1.1 - LG Electronics)
LSGG Geneva Cointrin 2015 (HKLM-x32\...\LSGG_GENEVA_COINTRIN_2015_is1) (Version: 1.0.0.0 - SimMarket)
LWSKv1.1_FSX version 1.1 (HKLM-x32\...\{D5F4C6BD-D851-4199-A79E-5CA2EAC22210}_is1) (Version: 1.1 - Ivano Marongiu | Flight simulator Scenery)
Mailsoft's - Switzerland Professional X (HKLM-x32\...\{C0E7FAD8-F8AE-4819-AEBF-D92562315EEE}) (Version: 1.00 - Mailsoft)
Majestic MJC8Q400 (HKLM-x32\...\MJC8Q400) (Version: - )
Mega Airport Dusseldorf X (HKLM-x32\...\Mega Airport Dusseldorf X) (Version: - )
Microsoft Access database engine 2010 (Spanish) (HKLM\...\{90140000-00D1-0C0A-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Flight Simulator X: Acceleration SDK (HKLM-x32\...\{CF56984D-35C6-4ADB-9075-394978A427FB}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{E75776B2-EAE5-42F9-A800-0A10763DEDF0}) (Version: 11.0.2318.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Train Simulator (HKLM-x32\...\Train Simulator 1.0) (Version: - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 61.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 61.0.2 (x64 cs)) (Version: 61.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
MSTS Activity Mover, 1.0 (HKLM-x32\...\MSTS Activity Mover_is1) (Version: - Martin Lasevič, ML software)
MSTS Patch 1.7.00819 (HKLM-x32\...\{587A2120-41D3-11DB-3D6C-00E19E4D4AE1}) (Version: 1.7.081920 - George)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version: - SEIKO EPSON Corporation)
NetTime (HKLM-x32\...\NetTime_is1) (Version: - Mark Griffiths)
NewBlue 3D Explosions for Windows (HKLM-x32\...\NewBlue 3D Explosions for Windows) (Version: 3.0 - NewBlue)
NewBlue 3D Transformations for Windows (HKLM-x32\...\NewBlue 3D Transformations for Windows) (Version: 3.0 - NewBlue)
NewBlue Art Blends for Windows (HKLM-x32\...\NewBlue Art Blends for Windows) (Version: 3.0 - NewBlue)
NewBlue Art Effects for Windows (HKLM-x32\...\NewBlue Art Effects for Windows) (Version: 3.0 - NewBlue)
NewBlue ColorFast for Windows (HKLM-x32\...\NewBlue ColorFast for Windows) (Version: 3.0 - NewBlue)
NewBlue Film Effects for Windows (HKLM-x32\...\NewBlue Film Effects for Windows) (Version: 1.4 - NewBlue)
NewBlue Light Blends for Windows (HKLM-x32\...\NewBlue Light Blends for Windows) (Version: 3.0 - NewBlue)
NewBlue Light Effects for Windows (HKLM-x32\...\NewBlue Light Effects for Windows) (Version: 3.0 - NewBlue)
NewBlue Motion Blends for Windows (HKLM-x32\...\NewBlue Motion Blends for Windows) (Version: 2.4 - NewBlue)
NewBlue Motion Effects for Windows (HKLM-x32\...\NewBlue Motion Effects for Windows) (Version: 3.0 - NewBlue)
NewBlue Paint Blends for Windows (HKLM-x32\...\NewBlue Paint Blends for Windows) (Version: 3.0 - NewBlue)
NewBlue Paint Effects for Windows (HKLM-x32\...\NewBlue Paint Effects for Windows) (Version: 3.0 - NewBlue)
NewBlue Titler Pro 2.0 for Windows (HKLM-x32\...\NewBlue Titler Pro 2.0 for Windows) (Version: 1.0 - NewBlue)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials II for Windows (HKLM-x32\...\NewBlue Video Essentials II for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials III for Windows (HKLM-x32\...\NewBlue Video Essentials III for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials IV for Windows (HKLM-x32\...\NewBlue Video Essentials IV for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials V for Windows (HKLM-x32\...\NewBlue Video Essentials V for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials VI for Windows (HKLM-x32\...\NewBlue Video Essentials VI for Windows) (Version: 3.0 - NewBlue)
NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
NVIDIA Graphics Driver 399.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 399.07 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
O&O Defrag Professional (HKLM\...\{1E7B316E-1456-477B-BA30-49A95C425496}) (Version: 20.5.603 - O&O Software GmbH)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpusFSI for FSX, FSX-SE, and Prepar3D Flight Simulators (HKLM-x32\...\{2B80493B-5263-4289-9E61-75786C2F40F2}) (Version: 4.50.2 - Opus Software Limited)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.317.1 - Tracker Software Products Ltd)
PixelMaster Video HDR (HKLM\...\{65302154-AAF6-4020-A070-76CAA9CEC8D3}) (Version: 1.1.33 - ASUS)
PKP CARGO Falns 6634732 (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\PKP CARGO Falns 6634732) (Version: - )
PKP CARGO Falns 6634755 (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\PKP CARGO Falns 6634755) (Version: - )
PKP CARGO Falns 6636358 (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\PKP CARGO Falns 6636358) (Version: - )
PKP CARGO Falns 6636483 (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\PKP CARGO Falns 6636483) (Version: - )
PKP CARGO Falns 6636841 (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\PKP CARGO Falns 6636841) (Version: - )
PKP CARGO Falns 6637493 (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\PKP CARGO Falns 6637493) (Version: - )
PKP CARGO Falns 6637671 (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\PKP CARGO Falns 6637671) (Version: - )
PMDG 737 6700 NGX Expansion FSX (HKLM-x32\...\{C7EE862A-D83D-4A9F-B746-CBDE39BD7001}) (Version: 1.10.6461 - PMDG Simulations, LLC.)
PMDG 737 8900 NGX Base Package FSX (HKLM-x32\...\{20708FD5-E94D-4097-A21E-E28564CDBC06}) (Version: 1.10.6461 - PMDG Simulations, LLC.)
PMDG 777-200LR/F Base Package FSX (HKLM-x32\...\{0F16340B-5B5B-4531-8D87-4952E3BCA6E6}) (Version: 1.10.6155 - PMDG Simulations, LLC.)
PMDG 777-300ER Expansion (HKLM-x32\...\{E65EFDE6-0864-40BA-8DDF-E31F736D9000}) (Version: 1.10.6036 - PMDG Simulations, LLC.)
Pro Cycling Manager 2017 (HKLM-x32\...\Pro Cycling Manager 2017_is1) (Version: - )
PRO-ATC/X version 1.8.5.0 (HKLM-x32\...\PRO-ATC/X_is1) (Version: 1.8.5.0 - )
Python 2.7.12 (64-bit) (HKLM\...\{9DA28CE5-0AA5-429E-86D8-686ED898C666}) (Version: 2.7.12150 - Python Software Foundation)
Python 2.7.15 (64-bit) (HKLM\...\{16CD92A4-0152-4CB7-8FD6-9788D3363617}) (Version: 2.7.15150 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RC Design - ESGG (HKLM-x32\...\RCDESIGN-ESGG-6CC4D0C0-62A1-407D-BC5E-DE8688FA6ED3_is1) (Version: 1.0.0.0 - SimMarket)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Rhone-Alpes PHOTO Vol1 (HKLM-x32\...\Rhone-Alpes PHOTO Vol1) (Version: - )
Rhone-Alpes PHOTO Vol2 (HKLM-x32\...\Rhone-Alpes PHOTO Vol2) (Version: - )
SceneryConfigEditor v1.1.9 (remove only) (HKLM-x32\...\SceneryConfigEditor) (Version: - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Signer 5.2 (HKLM-x32\...\{A3516568-BFF3-43C0-84A6-ABA553D12887}) (Version: 5.2 - Asseco Central Europe, a. s.)
SimObject Display Engine (HKLM-x32\...\{D8051A82-3D00-44E0-995D-C5E79837E26F}) (Version: 1.6.3 - 12bPilot)
Snapshot (HKLM-x32\...\{8BF7100F-267B-43A2-830F-031F05AC6EF9}) (Version: 1.0.0.73 - PaloDEx Group Oy)
Snapshot usb driver (HKLM-x32\...\{9AA34FD1-344F-4A83-AF79-D0741632AFE0}) (Version: 1.0.0.73 - PaloDEx Group Oy)
SteveFX DX10 Scenery Fixer (HKLM-x32\...\DX10SceneryFixer) (Version: - )
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
T2G Ataturk Intl Airport (HKLM-x32\...\FSX_T2G ATATURK_INTL_is1) (Version: 1.0.0.0 - SimMarket)
Train Store (Czech Language Pack) (HKLM-x32\...\Train Store (Czech Language Pack)) (Version: - )
Train Store V3.2 (HKLM-x32\...\Train Store V3.2) (Version: - )
Trať Bratislava-Brno-Praha pro MSTS verze BP90-T12OR/30.3.2016 (HKLM-x32\...\Trať Bratislava-Brno-Praha pro MSTS_is1) (Version: - Zbyněk Šemora)
TreeSize Free V4.0.3 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.0.3 - JAM Software)
UK2000 Common Library FSX (HKLM-x32\...\UK2000 Common Library FSX) (Version: 3.23 - UK2000 Scenery)
UK2000 Gatwick Xtreme FSX (HKLM-x32\...\UK2000 Gatwick Xtreme FSX) (Version: 3.00 - UK2000 Scenery)
UK2000 Heathrow Xtreme FSX (HKLM-x32\...\UK2000 Heathrow Xtreme FSX) (Version: 3.06 - UK2000 Scenery)
UK2000 Scenery - Manchester Xtreme V2 FSX (HKLM-x32\...\UK2000 Scenery - Manchester Xtreme V2 FSX) (Version: - )
UKBB - Boryspil` International FSX version 1.00 (HKLM-x32\...\{D95966D4-88B8-4899-BE5B-D23CD93C0E19}}_is1) (Version: 1.00 - InterSkyStudio)
UltimateDefrag (HKLM\...\UltimateDefrag) (Version: 5.0.14.0 - DiskTrix, Inc.)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VixWin Platinum (HKLM-x32\...\{49C6E225-8371-4DCF-BF93-18453FEE180C}) (Version: 3.50.000 - Gendex) Hidden
VixWin Platinum (HKLM-x32\...\{81695582-88F8-47A6-8431-C10617AF058A}) (Version: 3.50.000 - Gendex) Hidden
VixWin Platinum (HKLM-x32\...\{F7B7AF40-94DA-11D6-B21D-98B111DACF57}) (Version: 3.50.000 - Gendex)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
vPilot (HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\vPilot) (Version: 2.1.11 - Ross Carlson)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.2.524 - ASUS Cloud Corporation)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17387 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1903383002-3755401707-383608710-1001_Classes\CLSID\{6614FE97-812C-4B8B-AD6F-83D07279BF02}\InprocServer32 -> C:\Users\Markalous\AppData\Roaming\CSAS\lib\x64\PKIComponentAX.dll (Česká spořitelna, a.s.)
CustomCLSID: HKU\S-1-5-21-1903383002-3755401707-383608710-1001_Classes\CLSID\{8616ED07-7CEA-47D2-912D-79BF20C02290}\InprocServer32 -> C:\Users\Markalous\AppData\Roaming\CSAS\lib\x64\PKIComponentAX.dll (Česká spořitelna, a.s.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ContextMenuHandlers1: [ContextMenuExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-05-30] (Google)
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2015-12-10] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2015-12-10] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Windows\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-05-30] (Google)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2015-12-10] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-30] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-08-21] (NVIDIA Corporation)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {002824BA-407F-42EA-BDDA-8B45CC2A8408} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-06-09] (ASUS)
Task: {014ADB8E-35E0-4478-8117-FA3A1509037A} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {016B7554-ABE2-4492-BFB4-EED24E93AC67} - System32\Tasks\4982n4126n2647H6893-dll => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {03218FE3-7F81-4330-8696-4F1030E2990A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-07-31] (Microsoft Corporation)
Task: {05506537-BCFA-44E3-A665-782CE90825D7} - System32\Tasks\program64\zps => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {16384FB7-FD98-4773-8021-CB461B190D97} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {1934820A-2A79-4DEA-AAC4-6D230B020332} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-11] (Dropbox, Inc.)
Task: {2347022D-8661-4425-9B0E-4DF62461ECCB} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2017-03-09] (AsusTek)
Task: {26C666B0-D335-44E4-9C4C-F1D88D204DB8} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {29557706-AF20-4C1E-B3B3-FED7E70033D1} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [2016-04-19] (Tracker Software Products (Canada) Ltd.)
Task: {322B90E7-BE19-4288-BB88-1C83181B1040} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {3ED86263-ACCA-42DE-B2A5-B9CB9415B199} - System32\Tasks\program32\zpstray => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {3FA6746D-25B5-45D8-9416-DFAA6B4CC600} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-07-19] (NVIDIA Corporation)
Task: {4246767F-9FBC-49A5-B463-F4937D44A28B} - System32\Tasks\plugin-container => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {43FA528A-41DE-423D-8566-5396380DD584} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-07-07] ()
Task: {5A663687-DEF8-4CA6-A6BE-6300EB8E1EE4} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {5D3693D9-2256-47CE-B82F-669E07B004BA} - System32\Tasks\plugin-container-exe => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {5E7A7ED2-638C-48C0-A91D-6DC1BCC36F23} - System32\Tasks\{8F7F91FB-A016-4FFA-9DE1-B7BC457744A4} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Activision\Madagascar\Launcher.exe" -d "C:\Program Files (x86)\Activision\Madagascar\"
Task: {6285AE38-4DE6-4D92-9CBC-83B8BC90581C} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6A2B0FB5-1807-4B37-A9DC-1E482A37A0FD} - System32\Tasks\{EE324FF2-D289-489A-9C7C-D2A5620F705B} => C:\WINDOWS\system32\pcalua.exe -a "D:\Program Files (x86)\Mafia II\pc\mafia2.exe" -d "D:\Program Files (x86)\Mafia II\pc"
Task: {6B124FBF-E304-46DB-A8A7-7A916D9C7F4B} - System32\Tasks\firefox => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {6e245b01-5a70-4791-ad28-093ca6102376} - no filepath
Task: {6E3F6680-ED9B-45EF-B5C2-4A2499931242} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-12] (Google Inc.)
Task: {7074AE50-9F4A-4F6C-B1B4-6E94BE9ECBD6} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {7544D5B1-3ABD-43DD-B00A-2A532ECCE173} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {8312E761-E331-4102-B93E-AB6BF75796EC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8515C27B-1369-4EE6-B614-3328C211CA34} - System32\Tasks\{052A8318-1DC2-4637-8FEB-B3615336F8A6} => C:\WINDOWS\system32\pcalua.exe -a C:\TopCD\Hřebčín\MG2.exe -d C:\TopCD\Hřebčín
Task: {8D2AF08E-796C-4F5A-9D81-532C646A83F2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {8DDBD722-5DEB-411E-BB75-218EA9B3A35E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-07-31] (Microsoft Corporation)
Task: {98D5533C-6A8C-4690-B2D4-055927E78905} - System32\Tasks\program64\zpsicfg => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {9A474722-3D49-4B11-8BF3-A3629C9DE78D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {A32D8ECE-F151-46A2-9983-8CCCF87C4A9D} - System32\Tasks\{C847CA93-563B-441E-859C-DECA5A30EE22} => C:\WINDOWS\system32\pcalua.exe -a "D:\Program Files\Launcher.exe" -d "D:\Program Files\"
Task: {A4380437-2F2F-4A69-92D1-0FF8E12771D3} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {AEDDCE37-F60C-41CA-B6FE-91CED8CCFC23} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-07-31] (Microsoft Corporation)
Task: {AF7E7051-3CE0-41A5-B41C-4932AF0F5638} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] (ASUSTek Computer Inc.)
Task: {AFE1C255-D5DC-4943-BB90-2133F2B89889} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {B27E80D9-65C8-421C-9DD6-8357EF074374} - System32\Tasks\Driver Booster SkipUAC (Markalous) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {BBE64295-D377-4775-89F4-F5AC6EB7350A} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {BF4DA918-9A88-410E-A0AB-887F68EC707D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {C5F1926A-E903-4173-8F9F-0D25FF511E2C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {C949251B-F5FA-4E08-A43A-81D71C3C829E} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {D004604A-5EE6-4E07-9A51-D77EFEE2E974} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-11] (Dropbox, Inc.)
Task: {DACDED5F-0A7B-4E3A-A7D1-343A06EB4C94} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-12] (Google Inc.)
Task: {DDB80382-E4B2-46BF-8B07-2501DE185570} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-07-19] (NVIDIA Corporation)
Task: {DFF546CD-3AF6-420D-934A-360994B52D14} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {E75EA013-F5F5-4553-94A1-50BB74D02C01} - System32\Tasks\{3EEBEAA9-E1FF-401C-BC45-D9E55409F7EE} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\WBFS\WBFS Manager 3.0\WBFSManager.exe" -d C:\Users\Markalous\Desktop
Task: {E854D6A0-EF0B-4F3E-AFCB-CBCBFD4F8882} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {EDB99C48-99AA-4A42-A775-6A091160C929} - System32\Tasks\EPSON XP-530 Series Update {C6EA1A74-8CBC-4115-8FBF-7D18D30037EB} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPME.EXE [2013-11-21] (SEIKO EPSON CORPORATION)
Task: {F3078371-C996-4E0C-A133-9FEC5FA81174} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-07-19] (NVIDIA Corporation)
Task: {F4D6BF70-7DCE-49C6-AEE7-2FF44A33B7D3} - System32\Tasks\EPSON XP-530 Series Update {A37DACDA-2E2C-445F-ABFD-7B353E4DF652} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPME.EXE [2013-11-21] (SEIKO EPSON CORPORATION)
Task: {FA31261C-3816-4C46-B63F-BB0463DCEFEE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-07-31] (Microsoft Corporation)
Task: {FD9E2364-5FE1-4AE1-B443-752654C21132} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-14] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON XP-530 Series Update {A37DACDA-2E2C-445F-ABFD-7B353E4DF652}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPME.EXE:/EXE:{A37DACDA-2E2C-445F-ABFD-7B353E4DF652} /F:UpdateWORKGROUP\MARKALOUSOVO$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-530 Series Update {C6EA1A74-8CBC-4115-8FBF-7D18D30037EB}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPME.EXE:/EXE:{C6EA1A74-8CBC-4115-8FBF-7D18D30037EB} /F:UpdateWORKGROUP\MARKALOUSOVO$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-02-14 16:09 - 2012-05-12 02:27 - 000473088 _____ () C:\Program Files (x86)\NetTime\NetTimeService.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-06-13 14:07 - 2018-07-19 22:20 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-08-15 12:13 - 2018-08-03 05:09 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-06-13 14:07 - 2018-07-19 22:19 - 095437352 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-06-13 14:07 - 2018-07-19 22:19 - 003029032 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
2018-06-13 14:07 - 2018-07-19 22:19 - 000149544 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
2018-07-25 11:42 - 2018-07-25 11:42 - 004383232 _____ () C:\Program Files\WindowsApps\Microsoft.OneConnect_5.1807.1991.0_x64__8wekyb3d8bbwe\OneConnect.dll
2017-10-23 12:41 - 2017-10-23 12:41 - 000272384 _____ () C:\Program Files (x86)\PaloDEx Group\IAM\FusionLib.dll
2017-10-24 09:25 - 2017-10-24 09:25 - 000588320 _____ () C:\Program Files (x86)\PaloDEx Group\IAM\s2find.dll
2018-08-17 08:42 - 2018-08-17 08:42 - 000679936 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ECommunicat2762b435#\44a49cc1bb9417e8730f8813c003733a\ECommunicationServerPgPersistor.ni.dll
2018-08-17 08:42 - 2018-08-17 08:42 - 000391680 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\cgm.servermanager\1ee9c23e732128712209880658e6f365\cgm.servermanager.ni.dll
2018-06-13 14:07 - 2018-07-19 22:19 - 001032744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-07-10 08:05 - 2018-07-10 08:05 - 017145856 _____ () C:\PROGRAM FILES (X86)\DIALOG MIS\DIALOG_BITMAPS.DLL
2014-05-07 09:34 - 2014-05-07 09:34 - 000200704 _____ () C:\Program Files (x86)\Dialog MIS\DialogCom.dll
2018-08-16 22:31 - 2018-08-16 22:31 - 000173568 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MSQLclio\9f71f5076e3dd8127aeb6f82ca31c0e6\MSQLclio.ni.dll
2016-06-30 08:33 - 2016-06-30 08:33 - 001359872 _____ () C:\Program Files (x86)\Dialog MIS\DialogVbImage.ocx
2005-07-20 12:48 - 2005-07-20 12:48 - 000059904 _____ () C:\Program Files (x86)\Dialog MIS\zlib1.dll
2017-05-29 16:07 - 2017-05-29 16:07 - 000913482 _____ () C:\Program Files (x86)\Dialog MIS\DialogVbRichEdit.ocx
2008-04-17 12:41 - 2008-04-17 12:41 - 000040960 _____ () C:\Program Files (x86)\Dialog MIS\DialogVbPedal.ocx
2010-04-18 15:34 - 2010-04-18 15:34 - 000904704 _____ () C:\Program Files (x86)\Dialog MIS\System.Data.SQLite.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:74603393 [122]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\business24.cz -> hxxps://www.business24.cz
IE trusted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\cpzp.cz -> hxxps://portal.cpzp.cz
IE trusted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\ozp.cz -> hxxps://portal.ozp.cz
IE trusted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\portalzp.cz -> hxxps://www.portalzp.cz
IE trusted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\rbp-zp.cz -> hxxps://portal.rbp-zp.cz
IE trusted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\servis24.cz -> hxxps://www.servis24.cz
IE trusted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\vozp.cz -> hxxps://portal.vozp.cz
IE trusted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\zpskoda.cz -> hxxps://portal.zpskoda.cz
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\100sexlinks.com -> 100sexlinks.com
There are 4746 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 13:04 - 2017-09-09 18:42 - 000000859 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 secure.prepar3d.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Markalous\Desktop\Fotky\20180204_143541.jpg
HKU\S-1-5-21-1903383002-3755401707-383608710-1002\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\startupreg: EaseUS TB Tray Agent => "c:\program files (x86)\easeus\traypopup\traytipagent.exe"
MSCONFIG\startupreg: GoogleChromeAutoLaunch_5D7D4019F38896730918709ABCFDAEC2 => "c:\program files (x86)\google\chrome\application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: WebStorage => c:\program files (x86)\asus\webstorage\2.2.2.524\asuswsloader.exe
HKLM\...\StartupApproved\Run32: => "WebStorage"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "GameFirst3reboot"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"
HKLM\...\StartupApproved\Run32: => "EaseUS TB Tray Agent"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM Tray Agent"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "DSATray"
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\StartupApproved\StartupFolder: => "Microsoft Outlook 2010.lnk"
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_5D7D4019F38896730918709ABCFDAEC2"
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\StartupApproved\Run: => "GoogleDriveSync"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{7933CA56-884E-4C50-94E9-EED22B2DCD2F}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{575B8C41-CEA6-40C9-B464-534223448503}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{ACBD80E4-21A4-47EB-92D7-16EF88133027}] => (Allow) LPort=9898
FirewallRules: [{96DDB0C3-37AE-4212-9712-DB50A3753A51}] => (Allow) C:\Program Files (x86)\PaloDEx Group\IAM\broker_proxy.exe
FirewallRules: [{AC027803-40EB-4C54-BC14-9FC13678655A}] => (Allow) C:\Program Files (x86)\PaloDEx Group\IAM\nci_broker.exe
FirewallRules: [{BF0D8F75-C4D9-457B-9357-F9B600BC0130}] => (Allow) LPort=11177
FirewallRules: [{F5E0B752-C347-4009-A34F-D41B5545DA18}] => (Allow) C:\Program Files (x86)\NetTime\NetTimeService.exe
FirewallRules: [{72D96BBB-8800-41B0-82D7-3A1B2E0B7B18}] => (Allow) C:\WINDOWS\system32\hasplms.exe
FirewallRules: [{8DE95470-22F3-48B4-8B16-4B236E1EED20}] => (Allow) C:\Program Files (x86)\KaVo Kerr Group\Discovery Service\mDNSResponder.exe
FirewallRules: [{9F0C4E04-C7D9-4E3B-BA85-0DB0C00D12C5}] => (Allow) C:\Program Files (x86)\KaVo Kerr Group\Discovery Service\mDNSResponder.exe
FirewallRules: [{07A0C862-A231-440B-91A4-1D0D68EE349C}] => (Block) C:\Program Files (x86)\Raize\CS5\Bin\CSDispatcher.exe
FirewallRules: [{0E1CBD3B-4E00-4A8F-AD01-F2D6A9AD049C}] => (Allow) C:\WINDOWS\system32\hasplms.exe
FirewallRules: [{CE5C2DDE-41CC-44B7-A898-E524EFC3E456}] => (Block) %ProgramFiles% (x86)\PMDG Operations Center\PMDG Operations Center.exe
FirewallRules: [{A97D7FC8-5F2B-499E-8295-33A2C7F48706}] => (Block) %ProgramFiles% (x86)\PMDG Operations Center\PMDG Operations Center.exe
FirewallRules: [{5C20292F-72BB-4524-AF55-2D655F2F5C6C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{D8818536-9601-42B8-9572-BDA14A54B18B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8DA9F0D1-2771-4A2F-A61F-DACBFDC46AB6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{65E9D051-93AC-4E29-A998-54E005808531}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{428F0C21-FC71-42DA-B56A-607C681143AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [UDP Query User{515648F3-1E8F-4BD5-AC37-AAB0719C46D6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{F89C4F30-FFCA-40C0-B677-4A3ADEEE5648}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{A3826635-8963-4A37-A80D-04105211A430}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{5BD93084-CC72-44C7-8775-EE5C1BE72A5A}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{6AB1C6EA-72CD-4E1B-A2EB-30A8A015DE82}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [UDP Query User{2ADAD91F-9FD4-4AE3-859D-8ADCF73A908D}C:\users\markalous\appdata\roaming\utorrent\updates\3.4.9_42606.exe] => (Allow) C:\users\markalous\appdata\roaming\utorrent\updates\3.4.9_42606.exe
FirewallRules: [TCP Query User{FC409EC1-4E6F-4B8C-8927-00EDDE1DB807}C:\users\markalous\appdata\roaming\utorrent\updates\3.4.9_42606.exe] => (Allow) C:\users\markalous\appdata\roaming\utorrent\updates\3.4.9_42606.exe
FirewallRules: [{338A0273-8A76-4540-B9DB-CE5345AC205D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{C5A10B5E-6E10-48E0-B5BD-540CD6892483}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{52752A48-319C-4CD5-BA50-DE46C4E1802C}] => (Allow) C:\Program Files (x86)\uTorrent\utorrent.exe
FirewallRules: [{485A45E6-3AF7-475F-9F19-88237C4FA440}] => (Allow) C:\Program Files (x86)\uTorrent\utorrent.exe
FirewallRules: [{A761441B-3FC3-47A7-BEA5-0A261DBCE02F}] => (Allow) LPort=12381
FirewallRules: [{31606E01-048C-416B-9B7F-0FCB72369526}] => (Allow) LPort=12343
FirewallRules: [{B2314127-9F03-4B1D-86E6-F430EF9CCC9F}] => (Allow) LPort=12381
FirewallRules: [{C9AE77F6-D7E8-4D8B-BB56-B41FDD5BD6E4}] => (Allow) LPort=12343
FirewallRules: [{50CA420A-001F-47DA-892A-278C73B4FE0C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EA7A084D-90FD-445A-B8B7-659F0B1D57A6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{508B2F13-5D82-4409-94E4-9E0BBE1DADEF}] => (Allow) C:\Windows\SysWOW64\ftp.exe
FirewallRules: [{F52FECEC-CC27-460A-813D-143597B533B7}] => (Allow) C:\Windows\SysWOW64\ftp.exe
FirewallRules: [{D46FEA6F-5BD8-4C67-9D5C-144B725F5C6B}] => (Allow) C:\Windows\system32\ftp.exe
FirewallRules: [{2DDA64EA-4E53-4769-BB4F-7CFB08C2F8A2}] => (Allow) C:\Windows\system32\ftp.exe
FirewallRules: [{62E64556-435E-4EC2-B13B-711366A6B1BD}] => (Allow) C:\WINDOWS\system32\ftp.exe
FirewallRules: [{A5C0EDF4-25AF-4822-97AF-B02876C0582D}] => (Allow) C:\WINDOWS\system32\ftp.exe
FirewallRules: [{7535A8C7-C7FF-47B0-8923-791042F6DC54}] => (Allow) C:\WINDOWS\system32\ftp.exe
FirewallRules: [{3C822DE0-7634-4181-A0F2-057887A8CB8E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BBEAF73A-393A-453D-82DD-F1DF733AA3B6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3902E867-5A39-42BC-9433-5F7B61FC3871}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{2754EFB9-82F0-4F2D-8E54-44B2014FBEF4}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{CB8F2262-42F2-4D78-B97D-D32725599C7B}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{D060F959-161D-45EA-8759-1C1322F953DD}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{0B861E62-F239-43F8-8D95-D51AE2127D3A}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{B112EE07-A155-489F-866C-3ED64EFFC9D3}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{34FCB938-D539-4F8F-BA6F-F8CC88CAE877}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{59C9483D-987B-42E8-AD39-5B2801692E15}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [TCP Query User{746F87AC-923E-42E7-8F50-D6D8D73A465B}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [UDP Query User{C294D4C3-00D6-4D17-B1CF-0179EE52CAE4}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [{AE557AF6-9F55-4538-8DD9-82CE08BE984F}] => (Allow) LPort=12343
FirewallRules: [{62D69F45-282A-44D4-B3EA-1D9C3FD44163}] => (Allow) LPort=12381
FirewallRules: [TCP Query User{733BBA2E-07B0-4C74-880E-65D639F408AB}C:\games\pro cycling manager 2017\pcm64.exe] => (Allow) C:\games\pro cycling manager 2017\pcm64.exe
FirewallRules: [UDP Query User{A62A4E07-1A22-4155-8466-9FF6C27757D6}C:\games\pro cycling manager 2017\pcm64.exe] => (Allow) C:\games\pro cycling manager 2017\pcm64.exe
FirewallRules: [{1383922E-B698-492D-81C5-D5D58F0EF223}] => (Allow) LPort=12343
FirewallRules: [{1FB90FA7-8F72-4B01-B6D4-80FF94804D80}] => (Allow) LPort=12381
FirewallRules: [{7034E82B-BCE5-4F9C-B6E9-3D0A6CCA5C3A}] => (Allow) C:\Users\Markalous\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{66D71B0B-4C09-4A8B-982B-50B96BFA95B2}] => (Allow) C:\Users\Markalous\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{351FBAAC-9E5E-4D06-B34E-045945329D2D}] => (Allow) C:\Users\Markalous\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A8B02A75-516A-468E-9881-16F8F3C6E02A}] => (Allow) C:\Users\Markalous\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{F78210FC-E1FB-41E3-BCBD-0D2631F74442}] => (Allow) C:\Users\Markalous\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{34C9391B-49D1-44DB-829A-02001A751EDF}] => (Allow) C:\Users\Markalous\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BF76239D-3463-47F2-8CCC-CFE206B37ED9}] => (Allow) LPort=12343
FirewallRules: [{E8F2DBD4-C798-4C5D-A063-DD66F045D7BE}] => (Allow) LPort=12381
FirewallRules: [{ABAF39C2-25E2-48CD-AD0B-A4948921B1F2}] => (Block) D:\FSX\FS2Crew2010\Versions\PMDG737NGXRB\FS2Crew_NGX_Reboot_Configurator.exe
FirewallRules: [{02F5D20B-E23F-4E23-8484-112636EC552C}] => (Block) D:\FSX\FS2Crew2010\Versions\PMDG737NGXRB\FS2Crew_NGX_Reboot_Configurator.exe
FirewallRules: [{9AAD84F3-65DB-4BEA-AB48-8818B3931963}] => (Block) D:\FSX\FS2Crew2010\Versions\PMDG737NGXRB\FS2Crew_NGX_Reboot_Configurator.exe
FirewallRules: [TCP Query User{955777F3-11A8-4689-9A02-B3EFA260ED17}D:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe] => (Block) D:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe
FirewallRules: [UDP Query User{4BB09C5A-2ECB-48CC-92AB-FCDF08D1A407}D:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe] => (Block) D:\program files (x86)\aivlasoft\efb\aivlasoft.efb.dataprovider.exe
FirewallRules: [{DB3C2BDA-006F-42F0-AA79-C76381B5C16D}] => (Block) D:\FSX\FS2Crew2010\Versions\PMDG777\FS2Crew777.exe
FirewallRules: [{2DA23F1D-2C11-4813-AD77-96B9CC4BC4C3}] => (Block) D:\FSX\FS2Crew2010\Versions\PMDG777\FS2Crew777.exe
FirewallRules: [{8AB954CD-CC77-49F6-81EA-5EE870000A74}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B15D30D4-5142-480A-A94F-10EF0C14855C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{7FB656C7-3C6A-4292-96C3-DFB45044961F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{48F05147-DACF-42EE-8EDD-DDEEED001E31}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{1900596E-10D7-408F-8FCD-B722600C48F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F504D394-8F3F-47DB-8B29-D1D58E6F5792}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EDE432DB-4C9D-4D1B-A099-130FBF4F6C8B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
==================== Restore Points =========================
17-08-2018 09:43:40 Instalační služba modulů systému Windows
19-08-2018 11:46:52 Instalační služba modulů systému Windows
20-08-2018 13:44:24 Instalační služba modulů systému Windows
21-08-2018 19:45:15 Instalační služba modulů systému Windows
22-08-2018 21:18:15 Instalační služba modulů systému Windows
23-08-2018 23:19:56 Instalační služba modulů systému Windows
25-08-2018 17:06:04 Instalační služba modulů systému Windows
27-08-2018 09:18:21 Instalační služba modulů systému Windows
28-08-2018 11:17:43 Instalační služba modulů systému Windows
29-08-2018 13:18:17 Instalační služba modulů systému Windows
30-08-2018 23:20:49 Instalační služba modulů systému Windows
01-09-2018 17:38:34 Instalační služba modulů systému Windows
02-09-2018 21:19:20 Instalační služba modulů systému Windows
03-09-2018 22:43:57 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/03/2018 11:38:41 PM) (Source: kkgdiscovery) (EventID: 100) (User: )
Description: Task Scheduling Error: *** 2 potential causes identified (significant only if the same cause consistently appears)
Error: (09/03/2018 11:38:41 PM) (Source: kkgdiscovery) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7672
Error: (09/03/2018 11:38:41 PM) (Source: kkgdiscovery) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7672
Error: (09/03/2018 11:38:41 PM) (Source: kkgdiscovery) (EventID: 100) (User: )
Description: Task Scheduling Error: *** Continuously busy for more than a second
Error: (09/03/2018 11:38:40 PM) (Source: kkgdiscovery) (EventID: 100) (User: )
Description: Task Scheduling Error: *** 2 potential causes identified (significant only if the same cause consistently appears)
Error: (09/03/2018 11:38:40 PM) (Source: kkgdiscovery) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6422
Error: (09/03/2018 11:38:40 PM) (Source: kkgdiscovery) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6422
Error: (09/03/2018 11:38:40 PM) (Source: kkgdiscovery) (EventID: 100) (User: )
Description: Task Scheduling Error: *** Continuously busy for more than a second
System errors:
=============
Error: (09/04/2018 07:56:57 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/04/2018 07:54:13 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/04/2018 07:54:13 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/04/2018 07:54:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/03/2018 08:50:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/03/2018 08:50:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/03/2018 08:49:05 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Optimalizace doručení service did not respond on starting.
Error: (09/03/2018 08:44:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Windows Defender:
===================================
Date: 2018-08-29 13:46:43.138
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C1977885-492B-40ED-9BA0-1468595CEE7D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2018-08-29 13:19:15.816
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D748B77D-B9A7-49CB-8867-9D148B54688A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2018-08-22 15:32:02.665
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {794F2DFD-BDE3-42F4-8D88-B84945C7A5B5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: MARKALOUSOVO\Markalous
Date: 2018-08-22 11:36:30.390
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {6E97A642-833D-42D0-B515-4B0A5C722739}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2018-08-17 08:49:00.686
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {BD9AC815-D17C-4982-A272-FE8311BAA406}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2018-08-12 18:44:59.705
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.273.1073.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15100.1
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.
Date: 2018-08-12 18:44:59.704
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.273.1073.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15100.1
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.
Date: 2018-08-12 18:44:59.704
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.273.1073.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15100.1
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.
Date: 2018-08-12 18:44:56.200
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace: Uživatel
Typ podpisu:
Typ aktualizace:
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.
Date: 2018-08-12 18:44:56.177
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace: Uživatel
Typ podpisu:
Typ aktualizace:
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4200H CPU @ 2.80GHz
Percentage of memory in use: 20%
Total physical RAM: 16273.07 MB
Available physical RAM: 12907.59 MB
Total Virtual: 19345.07 MB
Available Virtual: 15728.36 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:371.85 GB) (Free:129.54 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:192.5 GB) NTFS
\\?\Volume{372170a0-9323-42de-bb0d-b1aae873c7a6}\ (RECOVERY) (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS
\\?\Volume{4edfeafc-87e0-4f1b-acc3-23b6275c68fd}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2A2744EF)
Partition: GPT.
==================== End of Addition.txt ============================
Re: prevence po dlouhe dobe
Jedna breberka se Vam tam usidlila. Po restartu dejte vedet, jak se PC chova.- Znovu spustte FRST.exe/FRST64.exe
- stisknete Ctrl + y (obe klavesy zaroven)
- otevre se fixlist.txt, do nejz vlozte obsah bileho pole nize
- stisknete Ctrl + s (ulozite zmeny), pote fixlist zavrete
- kliknete na tlacitko Fix
- po restartu bude vedle FRST vytvoren fixlog, jehoz obsah vlozte do pristi odpovedi
Kód: Vybrat vše
Start CreateRestorePoint: CloseProcesses: File: C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll Folder: C:\ProgramData\4982n4126n2647H6893 File: C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2007-10-10] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation) HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1 HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\MountPoints2: {21380089-d60d-11e5-9c1f-4c3488b4c12e} - "F:\AUTORUN.EXE" ShellExecuteHooks: No Name - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> No File SearchScopes: HKU\S-1-5-21-1903383002-3755401707-383608710-1001 -> DefaultScope {AE14A255-747F-4FF8-BA39-73E5007E2D6F} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-1903383002-3755401707-383608710-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1903383002-3755401707-383608710-1001 -> {AE14A255-747F-4FF8-BA39-73E5007E2D6F} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} BHO: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File 2018-09-03 10:05 - 2016-02-05 12:18 - 000000000 ____D C:\Program Files\trend micro ContextMenuHandlers1: [ContextMenuExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => -> No File ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File Task: {016B7554-ABE2-4492-BFB4-EED24E93AC67} - System32\Tasks\4982n4126n2647H6893-dll => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY Task: {05506537-BCFA-44E3-A665-782CE90825D7} - System32\Tasks\program64\zps => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY Task: {3ED86263-ACCA-42DE-B2A5-B9CB9415B199} - System32\Tasks\program32\zpstray => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY Task: {4246767F-9FBC-49A5-B463-F4937D44A28B} - System32\Tasks\plugin-container => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY Task: {5D3693D9-2256-47CE-B82F-669E07B004BA} - System32\Tasks\plugin-container-exe => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY Task: {5E7A7ED2-638C-48C0-A91D-6DC1BCC36F23} - System32\Tasks\{8F7F91FB-A016-4FFA-9DE1-B7BC457744A4} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Activision\Madagascar\Launcher.exe" -d "C:\Program Files (x86)\Activision\Madagascar\" Task: {6A2B0FB5-1807-4B37-A9DC-1E482A37A0FD} - System32\Tasks\{EE324FF2-D289-489A-9C7C-D2A5620F705B} => C:\WINDOWS\system32\pcalua.exe -a "D:\Program Files (x86)\Mafia II\pc\mafia2.exe" -d "D:\Program Files (x86)\Mafia II\pc" Task: {6B124FBF-E304-46DB-A8A7-7A916D9C7F4B} - System32\Tasks\firefox => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY Task: {6e245b01-5a70-4791-ad28-093ca6102376} - no filepath Task: {8312E761-E331-4102-B93E-AB6BF75796EC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {8515C27B-1369-4EE6-B614-3328C211CA34} - System32\Tasks\{052A8318-1DC2-4637-8FEB-B3615336F8A6} => C:\WINDOWS\system32\pcalua.exe -a C:\TopCD\Hřebčín\MG2.exe -d C:\TopCD\Hřebčín Task: {98D5533C-6A8C-4690-B2D4-055927E78905} - System32\Tasks\program64\zpsicfg => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY Task: {A32D8ECE-F151-46A2-9983-8CCCF87C4A9D} - System32\Tasks\{C847CA93-563B-441E-859C-DECA5A30EE22} => C:\WINDOWS\system32\pcalua.exe -a "D:\Program Files\Launcher.exe" -d "D:\Program Files\" Task: {B27E80D9-65C8-421C-9DD6-8357EF074374} - System32\Tasks\Driver Booster SkipUAC (Markalous) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe AlternateDataStreams: C:\ProgramData\Temp:74603393 [122] FirewallRules: [{A3826635-8963-4A37-A80D-04105211A430}] => (Allow) C:\Windows\System32\rundll32.exe FirewallRules: [{5BD93084-CC72-44C7-8775-EE5C1BE72A5A}] => (Allow) C:\Windows\System32\rundll32.exe FirewallRules: [{6AB1C6EA-72CD-4E1B-A2EB-30A8A015DE82}] => (Allow) C:\WINDOWS\system32\rundll32.exe C:\ProgramData\4982n4126n2647H6893 EmptyTemp: End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: prevence po dlouhe dobe
Změny se nijak zvlášť neprojevily. Start systému je dost pomalý, ale není to zase až taková tragédie.
-------------------------------------------------------------------------------------------------------
Fix result of Farbar Recovery Scan Tool (x64) Version: 01.09.2018 03
Ran by Markalous (04-09-2018 19:57:08) Run:1
Running from C:\Users\Markalous\Desktop\Údržba
Loaded Profiles: Markalous & kavokerr_nci_user (Available Profiles: Markalous & kavokerr_nci_user & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
File: C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll
Folder: C:\ProgramData\4982n4126n2647H6893
File: C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2007-10-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\MountPoints2: {21380089-d60d-11e5-9c1f-4c3488b4c12e} - "F:\AUTORUN.EXE"
ShellExecuteHooks: No Name - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> No File
SearchScopes: HKU\S-1-5-21-1903383002-3755401707-383608710-1001 -> DefaultScope {AE14A255-747F-4FF8-BA39-73E5007E2D6F} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-1903383002-3755401707-383608710-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1903383002-3755401707-383608710-1001 -> {AE14A255-747F-4FF8-BA39-73E5007E2D6F} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
2018-09-03 10:05 - 2016-02-05 12:18 - 000000000 ____D C:\Program Files\trend micro
ContextMenuHandlers1: [ContextMenuExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
Task: {016B7554-ABE2-4492-BFB4-EED24E93AC67} - System32\Tasks\4982n4126n2647H6893-dll => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {05506537-BCFA-44E3-A665-782CE90825D7} - System32\Tasks\program64\zps => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {3ED86263-ACCA-42DE-B2A5-B9CB9415B199} - System32\Tasks\program32\zpstray => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {4246767F-9FBC-49A5-B463-F4937D44A28B} - System32\Tasks\plugin-container => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {5D3693D9-2256-47CE-B82F-669E07B004BA} - System32\Tasks\plugin-container-exe => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {5E7A7ED2-638C-48C0-A91D-6DC1BCC36F23} - System32\Tasks\{8F7F91FB-A016-4FFA-9DE1-B7BC457744A4} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Activision\Madagascar\Launcher.exe" -d "C:\Program Files (x86)\Activision\Madagascar\"
Task: {6A2B0FB5-1807-4B37-A9DC-1E482A37A0FD} - System32\Tasks\{EE324FF2-D289-489A-9C7C-D2A5620F705B} => C:\WINDOWS\system32\pcalua.exe -a "D:\Program Files (x86)\Mafia II\pc\mafia2.exe" -d "D:\Program Files (x86)\Mafia II\pc"
Task: {6B124FBF-E304-46DB-A8A7-7A916D9C7F4B} - System32\Tasks\firefox => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {6e245b01-5a70-4791-ad28-093ca6102376} - no filepath
Task: {8312E761-E331-4102-B93E-AB6BF75796EC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8515C27B-1369-4EE6-B614-3328C211CA34} - System32\Tasks\{052A8318-1DC2-4637-8FEB-B3615336F8A6} => C:\WINDOWS\system32\pcalua.exe -a C:\TopCD\Hřebčín\MG2.exe -d C:\TopCD\Hřebčín
Task: {98D5533C-6A8C-4690-B2D4-055927E78905} - System32\Tasks\program64\zpsicfg => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {A32D8ECE-F151-46A2-9983-8CCCF87C4A9D} - System32\Tasks\{C847CA93-563B-441E-859C-DECA5A30EE22} => C:\WINDOWS\system32\pcalua.exe -a "D:\Program Files\Launcher.exe" -d "D:\Program Files\"
Task: {B27E80D9-65C8-421C-9DD6-8357EF074374} - System32\Tasks\Driver Booster SkipUAC (Markalous) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
AlternateDataStreams: C:\ProgramData\Temp:74603393 [122]
FirewallRules: [{A3826635-8963-4A37-A80D-04105211A430}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{5BD93084-CC72-44C7-8775-EE5C1BE72A5A}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{6AB1C6EA-72CD-4E1B-A2EB-30A8A015DE82}] => (Allow) C:\WINDOWS\system32\rundll32.exe
C:\ProgramData\4982n4126n2647H6893
EmptyTemp:
End
*****************
Restore point was successfully created.
Processes closed successfully.
========================= File: C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll ========================
"C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll" => not found
====== End of File: ======
========================= Folder: C:\ProgramData\4982n4126n2647H6893 ========================
2017-03-15 21:22 - 2017-03-16 19:52 - 000041629 ____A [2B8307B0D80C82D38073D0252E84AF21] () C:\ProgramData\4982n4126n2647H6893\1156421152
====== End of Folder: ======
========================= File: C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe ========================
C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe
File is digitally signed
MD5: 9C30ACD6AA83BDE68329941D37E3B4B1
Creation and modification date: 2018-04-12 01:34 - 2018-04-12 01:34
Size: 000437248
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/9e370fe ... 536060495/
====== End of File: ======
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKU\S-1-5-21-1903383002-3755401707-383608710-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NolowDiskSpaceChecks" => removed successfully
"HKU\S-1-5-21-1903383002-3755401707-383608710-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21380089-d60d-11e5-9c1f-4c3488b4c12e}" => removed successfully
HKLM\Software\Classes\CLSID\{21380089-d60d-11e5-9c1f-4c3488b4c12e} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" => removed successfully
HKLM\Software\Classes\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} => not found
"HKU\S-1-5-21-1903383002-3755401707-383608710-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-1903383002-3755401707-383608710-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\S-1-5-21-1903383002-3755401707-383608710-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AE14A255-747F-4FF8-BA39-73E5007E2D6F}" => removed successfully
HKLM\Software\Classes\CLSID\{AE14A255-747F-4FF8-BA39-73E5007E2D6F} => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" => removed successfully
HKLM\Software\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => not found
C:\Program Files\trend micro => moved successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ContextMenuExt" => removed successfully
HKLM\Software\Classes\CLSID\{6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObitUnstaler" => removed successfully
HKLM\Software\Classes\CLSID\{B19ED566-D419-470b-B111-3C89040BC027} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler" => removed successfully
HKLM\Software\Classes\CLSID\{B19ED566-D419-470b-B111-3C89040BC027} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{016B7554-ABE2-4492-BFB4-EED24E93AC67}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{016B7554-ABE2-4492-BFB4-EED24E93AC67}" => removed successfully
C:\WINDOWS\System32\Tasks\4982n4126n2647H6893-dll => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4982n4126n2647H6893-dll" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{05506537-BCFA-44E3-A665-782CE90825D7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05506537-BCFA-44E3-A665-782CE90825D7}" => removed successfully
C:\WINDOWS\System32\Tasks\program64\zps => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\program64\zps" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{3ED86263-ACCA-42DE-B2A5-B9CB9415B199}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3ED86263-ACCA-42DE-B2A5-B9CB9415B199}" => removed successfully
C:\WINDOWS\System32\Tasks\program32\zpstray => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\program32\zpstray" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{4246767F-9FBC-49A5-B463-F4937D44A28B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4246767F-9FBC-49A5-B463-F4937D44A28B}" => removed successfully
C:\WINDOWS\System32\Tasks\plugin-container => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\plugin-container" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{5D3693D9-2256-47CE-B82F-669E07B004BA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D3693D9-2256-47CE-B82F-669E07B004BA}" => removed successfully
C:\WINDOWS\System32\Tasks\plugin-container-exe => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\plugin-container-exe" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5E7A7ED2-638C-48C0-A91D-6DC1BCC36F23}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E7A7ED2-638C-48C0-A91D-6DC1BCC36F23}" => removed successfully
C:\WINDOWS\System32\Tasks\{8F7F91FB-A016-4FFA-9DE1-B7BC457744A4} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8F7F91FB-A016-4FFA-9DE1-B7BC457744A4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6A2B0FB5-1807-4B37-A9DC-1E482A37A0FD}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A2B0FB5-1807-4B37-A9DC-1E482A37A0FD}" => removed successfully
C:\WINDOWS\System32\Tasks\{EE324FF2-D289-489A-9C7C-D2A5620F705B} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EE324FF2-D289-489A-9C7C-D2A5620F705B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{6B124FBF-E304-46DB-A8A7-7A916D9C7F4B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B124FBF-E304-46DB-A8A7-7A916D9C7F4B}" => removed successfully
C:\WINDOWS\System32\Tasks\firefox => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\firefox" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6e245b01-5a70-4791-ad28-093ca6102376}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8312E761-E331-4102-B93E-AB6BF75796EC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8312E761-E331-4102-B93E-AB6BF75796EC}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8515C27B-1369-4EE6-B614-3328C211CA34}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8515C27B-1369-4EE6-B614-3328C211CA34}" => removed successfully
C:\WINDOWS\System32\Tasks\{052A8318-1DC2-4637-8FEB-B3615336F8A6} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{052A8318-1DC2-4637-8FEB-B3615336F8A6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{98D5533C-6A8C-4690-B2D4-055927E78905}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98D5533C-6A8C-4690-B2D4-055927E78905}" => removed successfully
C:\WINDOWS\System32\Tasks\program64\zpsicfg => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\program64\zpsicfg" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A32D8ECE-F151-46A2-9983-8CCCF87C4A9D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A32D8ECE-F151-46A2-9983-8CCCF87C4A9D}" => removed successfully
C:\WINDOWS\System32\Tasks\{C847CA93-563B-441E-859C-DECA5A30EE22} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C847CA93-563B-441E-859C-DECA5A30EE22}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B27E80D9-65C8-421C-9DD6-8357EF074374}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B27E80D9-65C8-421C-9DD6-8357EF074374}" => removed successfully
C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Markalous) => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Markalous)" => removed successfully
C:\ProgramData\Temp => ":74603393" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A3826635-8963-4A37-A80D-04105211A430}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5BD93084-CC72-44C7-8775-EE5C1BE72A5A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6AB1C6EA-72CD-4E1B-A2EB-30A8A015DE82}" => removed successfully
C:\ProgramData\4982n4126n2647H6893 => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16309804 B
Java, Flash, Steam htmlcache => 1506 B
Windows/system/drivers => 137199 B
Edge => 201 B
Chrome => 199084 B
Firefox => 67098307 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 7600 B
LocalService => 6656 B
LocalService => 0 B
NetworkService => 158745 B
NetworkService => 0 B
Markalous => 85497786 B
kavokerr_nci_user => 6656 B
DefaultAppPool => 6656 B
RecycleBin => 0 B
EmptyTemp: => 169.1 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 19:59:23 ====
-------------------------------------------------------------------------------------------------------
Fix result of Farbar Recovery Scan Tool (x64) Version: 01.09.2018 03
Ran by Markalous (04-09-2018 19:57:08) Run:1
Running from C:\Users\Markalous\Desktop\Údržba
Loaded Profiles: Markalous & kavokerr_nci_user (Available Profiles: Markalous & kavokerr_nci_user & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
File: C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll
Folder: C:\ProgramData\4982n4126n2647H6893
File: C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2007-10-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\MountPoints2: {21380089-d60d-11e5-9c1f-4c3488b4c12e} - "F:\AUTORUN.EXE"
ShellExecuteHooks: No Name - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> No File
SearchScopes: HKU\S-1-5-21-1903383002-3755401707-383608710-1001 -> DefaultScope {AE14A255-747F-4FF8-BA39-73E5007E2D6F} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-1903383002-3755401707-383608710-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1903383002-3755401707-383608710-1001 -> {AE14A255-747F-4FF8-BA39-73E5007E2D6F} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
2018-09-03 10:05 - 2016-02-05 12:18 - 000000000 ____D C:\Program Files\trend micro
ContextMenuHandlers1: [ContextMenuExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
Task: {016B7554-ABE2-4492-BFB4-EED24E93AC67} - System32\Tasks\4982n4126n2647H6893-dll => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {05506537-BCFA-44E3-A665-782CE90825D7} - System32\Tasks\program64\zps => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {3ED86263-ACCA-42DE-B2A5-B9CB9415B199} - System32\Tasks\program32\zpstray => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {4246767F-9FBC-49A5-B463-F4937D44A28B} - System32\Tasks\plugin-container => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {5D3693D9-2256-47CE-B82F-669E07B004BA} - System32\Tasks\plugin-container-exe => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {5E7A7ED2-638C-48C0-A91D-6DC1BCC36F23} - System32\Tasks\{8F7F91FB-A016-4FFA-9DE1-B7BC457744A4} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Activision\Madagascar\Launcher.exe" -d "C:\Program Files (x86)\Activision\Madagascar\"
Task: {6A2B0FB5-1807-4B37-A9DC-1E482A37A0FD} - System32\Tasks\{EE324FF2-D289-489A-9C7C-D2A5620F705B} => C:\WINDOWS\system32\pcalua.exe -a "D:\Program Files (x86)\Mafia II\pc\mafia2.exe" -d "D:\Program Files (x86)\Mafia II\pc"
Task: {6B124FBF-E304-46DB-A8A7-7A916D9C7F4B} - System32\Tasks\firefox => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {6e245b01-5a70-4791-ad28-093ca6102376} - no filepath
Task: {8312E761-E331-4102-B93E-AB6BF75796EC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8515C27B-1369-4EE6-B614-3328C211CA34} - System32\Tasks\{052A8318-1DC2-4637-8FEB-B3615336F8A6} => C:\WINDOWS\system32\pcalua.exe -a C:\TopCD\Hřebčín\MG2.exe -d C:\TopCD\Hřebčín
Task: {98D5533C-6A8C-4690-B2D4-055927E78905} - System32\Tasks\program64\zpsicfg => C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
Task: {A32D8ECE-F151-46A2-9983-8CCCF87C4A9D} - System32\Tasks\{C847CA93-563B-441E-859C-DECA5A30EE22} => C:\WINDOWS\system32\pcalua.exe -a "D:\Program Files\Launcher.exe" -d "D:\Program Files\"
Task: {B27E80D9-65C8-421C-9DD6-8357EF074374} - System32\Tasks\Driver Booster SkipUAC (Markalous) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
AlternateDataStreams: C:\ProgramData\Temp:74603393 [122]
FirewallRules: [{A3826635-8963-4A37-A80D-04105211A430}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{5BD93084-CC72-44C7-8775-EE5C1BE72A5A}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{6AB1C6EA-72CD-4E1B-A2EB-30A8A015DE82}] => (Allow) C:\WINDOWS\system32\rundll32.exe
C:\ProgramData\4982n4126n2647H6893
EmptyTemp:
End
*****************
Restore point was successfully created.
Processes closed successfully.
========================= File: C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll ========================
"C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll" => not found
====== End of File: ======
========================= Folder: C:\ProgramData\4982n4126n2647H6893 ========================
2017-03-15 21:22 - 2017-03-16 19:52 - 000041629 ____A [2B8307B0D80C82D38073D0252E84AF21] () C:\ProgramData\4982n4126n2647H6893\1156421152
====== End of Folder: ======
========================= File: C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe ========================
C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe
File is digitally signed
MD5: 9C30ACD6AA83BDE68329941D37E3B4B1
Creation and modification date: 2018-04-12 01:34 - 2018-04-12 01:34
Size: 000437248
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/9e370fe ... 536060495/
====== End of File: ======
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKU\S-1-5-21-1903383002-3755401707-383608710-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NolowDiskSpaceChecks" => removed successfully
"HKU\S-1-5-21-1903383002-3755401707-383608710-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21380089-d60d-11e5-9c1f-4c3488b4c12e}" => removed successfully
HKLM\Software\Classes\CLSID\{21380089-d60d-11e5-9c1f-4c3488b4c12e} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" => removed successfully
HKLM\Software\Classes\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} => not found
"HKU\S-1-5-21-1903383002-3755401707-383608710-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-1903383002-3755401707-383608710-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\S-1-5-21-1903383002-3755401707-383608710-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AE14A255-747F-4FF8-BA39-73E5007E2D6F}" => removed successfully
HKLM\Software\Classes\CLSID\{AE14A255-747F-4FF8-BA39-73E5007E2D6F} => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" => removed successfully
HKLM\Software\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => not found
C:\Program Files\trend micro => moved successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ContextMenuExt" => removed successfully
HKLM\Software\Classes\CLSID\{6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObitUnstaler" => removed successfully
HKLM\Software\Classes\CLSID\{B19ED566-D419-470b-B111-3C89040BC027} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler" => removed successfully
HKLM\Software\Classes\CLSID\{B19ED566-D419-470b-B111-3C89040BC027} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{016B7554-ABE2-4492-BFB4-EED24E93AC67}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{016B7554-ABE2-4492-BFB4-EED24E93AC67}" => removed successfully
C:\WINDOWS\System32\Tasks\4982n4126n2647H6893-dll => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4982n4126n2647H6893-dll" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{05506537-BCFA-44E3-A665-782CE90825D7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05506537-BCFA-44E3-A665-782CE90825D7}" => removed successfully
C:\WINDOWS\System32\Tasks\program64\zps => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\program64\zps" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{3ED86263-ACCA-42DE-B2A5-B9CB9415B199}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3ED86263-ACCA-42DE-B2A5-B9CB9415B199}" => removed successfully
C:\WINDOWS\System32\Tasks\program32\zpstray => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\program32\zpstray" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{4246767F-9FBC-49A5-B463-F4937D44A28B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4246767F-9FBC-49A5-B463-F4937D44A28B}" => removed successfully
C:\WINDOWS\System32\Tasks\plugin-container => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\plugin-container" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{5D3693D9-2256-47CE-B82F-669E07B004BA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D3693D9-2256-47CE-B82F-669E07B004BA}" => removed successfully
C:\WINDOWS\System32\Tasks\plugin-container-exe => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\plugin-container-exe" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5E7A7ED2-638C-48C0-A91D-6DC1BCC36F23}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E7A7ED2-638C-48C0-A91D-6DC1BCC36F23}" => removed successfully
C:\WINDOWS\System32\Tasks\{8F7F91FB-A016-4FFA-9DE1-B7BC457744A4} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8F7F91FB-A016-4FFA-9DE1-B7BC457744A4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6A2B0FB5-1807-4B37-A9DC-1E482A37A0FD}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A2B0FB5-1807-4B37-A9DC-1E482A37A0FD}" => removed successfully
C:\WINDOWS\System32\Tasks\{EE324FF2-D289-489A-9C7C-D2A5620F705B} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EE324FF2-D289-489A-9C7C-D2A5620F705B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{6B124FBF-E304-46DB-A8A7-7A916D9C7F4B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B124FBF-E304-46DB-A8A7-7A916D9C7F4B}" => removed successfully
C:\WINDOWS\System32\Tasks\firefox => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\firefox" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6e245b01-5a70-4791-ad28-093ca6102376}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8312E761-E331-4102-B93E-AB6BF75796EC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8312E761-E331-4102-B93E-AB6BF75796EC}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8515C27B-1369-4EE6-B614-3328C211CA34}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8515C27B-1369-4EE6-B614-3328C211CA34}" => removed successfully
C:\WINDOWS\System32\Tasks\{052A8318-1DC2-4637-8FEB-B3615336F8A6} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{052A8318-1DC2-4637-8FEB-B3615336F8A6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{98D5533C-6A8C-4690-B2D4-055927E78905}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98D5533C-6A8C-4690-B2D4-055927E78905}" => removed successfully
C:\WINDOWS\System32\Tasks\program64\zpsicfg => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\program64\zpsicfg" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A32D8ECE-F151-46A2-9983-8CCCF87C4A9D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A32D8ECE-F151-46A2-9983-8CCCF87C4A9D}" => removed successfully
C:\WINDOWS\System32\Tasks\{C847CA93-563B-441E-859C-DECA5A30EE22} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C847CA93-563B-441E-859C-DECA5A30EE22}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B27E80D9-65C8-421C-9DD6-8357EF074374}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B27E80D9-65C8-421C-9DD6-8357EF074374}" => removed successfully
C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Markalous) => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Markalous)" => removed successfully
C:\ProgramData\Temp => ":74603393" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A3826635-8963-4A37-A80D-04105211A430}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5BD93084-CC72-44C7-8775-EE5C1BE72A5A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6AB1C6EA-72CD-4E1B-A2EB-30A8A015DE82}" => removed successfully
C:\ProgramData\4982n4126n2647H6893 => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16309804 B
Java, Flash, Steam htmlcache => 1506 B
Windows/system/drivers => 137199 B
Edge => 201 B
Chrome => 199084 B
Firefox => 67098307 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 7600 B
LocalService => 6656 B
LocalService => 0 B
NetworkService => 158745 B
NetworkService => 0 B
Markalous => 85497786 B
kavokerr_nci_user => 6656 B
DefaultAppPool => 6656 B
RecycleBin => 0 B
EmptyTemp: => 169.1 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 19:59:23 ====
Re: prevence po dlouhe dobe
Na klasickem plotnovem disku z PC nikdy raketa nebude - velice doporucuju SSD. Dalsi havet v PC nevidim, takze jeste uklidime.
- Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
- Oznacte jen moznost "Remove disinfection tools"
- kliknete na Run
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: prevence po dlouhe dobe
Děkuji velice za pomoc a přeji hezký den.
Re: prevence po dlouhe dobe
Nemate zac, rad jsem pomohl 
Mejte se krasne a treba zase nekdy
Mejte se krasne a treba zase nekdy
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Přispějete na provoz fóra?