Právě je 21 kvě 2019 00:45

Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Všechny časy jsou v UTC + 1 hodina


Pravidla fóra


Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz



Odeslat nové téma Odpovědět na téma  [ Příspěvků: 11 ] 
Autor Zpráva
PříspěvekNapsal: 28 led 2019 13:50 
Offline
Návštěvník
Návštěvník

Registrován: 28 led 2019 13:23
Příspěvky: 12
Příloha:
FRST.rar [9.44 KiB]
4 krát


Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 28 led 2019 13:52 
Offline
Rádce
Rádce
Uživatelský avatar

Registrován: 27 dub 2008 10:34
Příspěvky: 1614
Dobry den.

:arrow: Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, klikni na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.

_________________
¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.


Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 28 led 2019 14:47 
Offline
Návštěvník
Návštěvník

Registrován: 28 led 2019 13:23
Příspěvky: 12
# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-25.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-28-2019
# Duration: 00:00:08
# OS: Windows 10 Pro
# Cleaned: 76
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\MM\AppData\Roaming\GoforFiles
Deleted C:\ProgramData\ICQ\ICQNewTab
Deleted C:\ProgramData\ytd video downloader
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Deleted C:\Users\MM\AppData\Roaming\0U1E1Q1T2Z1P0S2Z1T1C
Deleted C:\Program Files\GreenTree Applications
Deleted C:\Program Files\Common Files\DVDVideoSoft\TB
Deleted C:\ProgramData\SuperEasy Software
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperEasy Software
Deleted C:\Program Files\SuperEasy Software
Deleted C:\Program Files\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Classes\pokki
Deleted HKCU\Software\drpsu
Deleted HKCU\Software\SuperEasy Software
Deleted HKLM\Software\SuperEasy Software
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Deleted HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Deleted HKLM\Software\Classes\CLSID\{528B5866-2BA6-42CE-8F74-39FB23B49767}
Deleted HKLM\Software\Classes\Interface\{FBB92627-0DAA-4B69-97CC-9879236FE039}
Deleted HKLM\Software\Classes\Interface\{E9ECFFF9-2011-439F-92EB-BE145ACD87DA}
Deleted HKLM\Software\Classes\Interface\{E515494B-7548-462A-B7E7-A3E6F8C4899C}
Deleted HKLM\Software\Classes\Interface\{DF51AD29-5239-441A-B921-E655C8162060}
Deleted HKLM\Software\Classes\Interface\{D325B617-D6F9-4C72-90B2-A38E6D15C16E}
Deleted HKLM\Software\Classes\Interface\{CC5B7648-AAF8-4642-B53D-B7B5E4AE7241}
Deleted HKLM\Software\Classes\Interface\{C0233F6C-3110-4AEA-A798-C81DA43CED9E}
Deleted HKLM\Software\Classes\Interface\{BE952BDF-6FDF-4A62-B318-E15D4487A2EF}
Deleted HKLM\Software\Classes\Interface\{B8E64931-27EF-42BC-AF3B-0E2B25D17567}
Deleted HKLM\Software\Classes\Interface\{B3D38AE9-C808-4811-8417-F114839D6392}
Deleted HKLM\Software\Classes\Interface\{B1285825-F24F-4651-9F8A-2012460AD2FC}
Deleted HKLM\Software\Classes\Interface\{A6670033-7A4B-4F59-B8A9-A7CEBF3CE960}
Deleted HKLM\Software\Classes\Interface\{9BAC5A3B-33FD-4DB9-A4F1-B749498D4017}
Deleted HKLM\Software\Classes\Interface\{9B4E4BF6-9346-4969-8428-C3CB81CD7A30}
Deleted HKLM\Software\Classes\Interface\{821ED2B3-866E-4177-870E-52D995D123D0}
Deleted HKLM\Software\Classes\Interface\{80995911-5CF2-483F-A260-C736E8D0C691}
Deleted HKLM\Software\Classes\Interface\{753C5ED0-B9AB-4F1E-8DAC-668E701CA569}
Deleted HKLM\Software\Classes\Interface\{469960F8-8172-4386-BBB1-DF3590027D58}
Deleted HKLM\Software\Classes\Interface\{2BA83048-8B7C-4186-843B-D97FC1A6AE95}
Deleted HKLM\Software\Classes\Interface\{1644E2E1-E15E-4E9E-9B25-5668536DD6A7}
Deleted HKLM\Software\Classes\Interface\{0E8990F4-2FC9-403C-883B-535D6271E740}
Deleted HKLM\Software\Classes\Interface\{066D89E6-B457-4A57-888A-B0AEB11D5BF1}
Deleted HKLM\Software\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
Deleted HKLM\Software\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Deleted HKLM\Software\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Deleted HKLM\Software\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Deleted HKLM\Software\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Deleted HKLM\Software\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Deleted HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Deleted HKLM\Software\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Deleted HKLM\Software\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Deleted HKLM\Software\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Deleted HKLM\Software\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Deleted HKLM\Software\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Deleted HKLM\Software\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Deleted HKLM\Software\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Deleted HKLM\Software\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Deleted HKLM\Software\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|ICQ Search
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.slunecnice.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\slunecnice.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{c2b8e594-d284-ef0b-2c66-48a9c98914bc}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A474C13C-4057-4FF7-8A1B-4B67CD52B1B8}
Deleted HKCU\Software\AppDataLow\Software\Mail.Ru
Deleted HKCU\Software\Mail.Ru
Deleted HKCU\Software\Norassie
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|seznam-listicka-distribuce
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\torrent-harvester.en.softonic.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\softonic.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\en.softonic.com
Deleted HKCU\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2}
Deleted HKLM\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [8653 octets] - [28/01/2019 14:39:02]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########


Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 28 led 2019 14:51 
Offline
Rádce
Rádce
Uživatelský avatar

Registrován: 27 dub 2008 10:34
Příspěvky: 1614
Preskenujte pocitac s FRST - navod tu: https://forum.viry.cz/viewtopic.php?f=24&t=132509, skopirujte FRST.log + Addition log sem.

_________________
¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.


Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 28 led 2019 15:05 
Offline
Návštěvník
Návštěvník

Registrován: 28 led 2019 13:23
Příspěvky: 12
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-01-2019
Ran by MM (administrator) on MM-PC (28-01-2019 14:55:18)
Running from C:\Users\MM\Desktop
Loaded Profiles: MM (Available Profiles: MM & DefaultAppPool)
Platform: Microsoft Windows 10 Pro Version 1803 17134.556 (X86) Language: Čeština (Česko)
Default browser: IE
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cheetah Mobile,Inc.) C:\Program Files\cmcm\Clean Master\cmcore.exe
(ABBYY (BIT Software)) C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
(IObit) C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
() C:\Program Files\Common Files\Appkeys\yytool.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CobianSoft, Luis Cobian) C:\Program Files\Cobian Backup 11\cbVSCService11.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Digital Wave Ltd.) C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\Synology\Assistant\UsbClientService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1901.7-0\MsMpEng.exe
(IObit) C:\Program Files\IObit\iFreeUp\iFreeUpMini.exe
(Cheetah Mobile,Inc.) C:\Program Files\cmcm\Clean Master\cmtray.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1901.7-0\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
(Corel) C:\Program Files\Common Files\Corel\Standby\Standby.exe
(Luis Cobian, CobianSoft) C:\Program Files\Cobian Backup 11\Cobian.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Luis Cobian, CobianSoft) C:\Program Files\Cobian Backup 11\cbInterface.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Olympus Corporation) C:\Program Files\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe
(Dropbox, Inc.) C:\Users\MM\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Dropbox, Inc.) C:\Users\MM\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\MM\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\MM\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(The Qt Company Ltd.) C:\Users\MM\AppData\Roaming\Dropbox\bin\QtWebEngineProcess.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [486816 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11738184 2013-02-05] (Realtek Semiconductor)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2018-06-23] (Apple Inc.)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [OpwareSE4] => C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [79400 2007-02-04] (Nuance Communications, Inc.)
HKLM\...\Run: [Standby] => c:\Program Files\Common Files\Corel\Standby\Standby.exe [105632 2010-05-17] (Corel)
HKLM\...\Run: [OV3_Monitor] => C:\Program Files\OLYMPUS\OLYMPUS Viewer 3\FirstStart.exe [40400 2018-06-18] (Olympus Corporation)
HKLM\...\Run: [Cobian Backup 11] => C:\Program Files\Cobian Backup 11\Cobian.exe [720896 2012-12-05] (Luis Cobian, CobianSoft)
HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [262456 2018-07-06] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM\...\Run: [cmsc] => c:\program files\cmcm\Clean Master\cmtray.exe [1607280 2018-12-04] (Cheetah Mobile,Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\Run: [OV3_Monitor] => C:\Program Files\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe [415696 2018-06-18] (Olympus Corporation)
HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\Run: [Dropbox Update] => C:\Users\MM\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\Run: [GarminExpress] => C:\Program Files\Garmin\Express\express.exe [30886976 2019-01-14] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-01-10] (Piriform Software Ltd)
HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\Run: [FastVD] => C:\Program Files\FastPcTools\Fast VD\FastVD.exe [1636040 2019-01-22] (FastPcTools)
HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [GarminExpress] => C:\Program Files\Garmin\Express\express.exe [30886976 2019-01-14] (Garmin Ltd. or its subsidiaries)
HKLM\...\Drivers32: [vidc.ffds] => C:\WINDOWS\system32\ff_vfw.dll [112640 2013-03-13] ()
HKLM\...\Drivers32: [msacm.avis] => C:\WINDOWS\system32\ff_acm.acm [47616 2013-03-13] ()
HKLM\...\Drivers32: [msacm.aacacm] => C:\WINDOWS\system32\AACACM.acm [294912 2012-07-21] (fccHandler)
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [122880 2012-07-21] (fccHandler)
HKLM\...\Drivers32: [VIDC.CSCD] => C:\WINDOWS\system32\CamCodec.dll [49664 2010-10-24] (CamStudio Group)
HKLM\...\Drivers32: [VIDC.CFHD] => C:\WINDOWS\system32\CFHD.dll [1208320 2007-08-12] (CineForm Inc.)
HKLM\...\Drivers32: [msacm.lameacm] => C:\WINDOWS\system32\LameACM.acm [756224 2012-02-28] (hxxp://www.mp3dev.org/)
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] ( )
HKLM\...\Drivers32: [VIDC.MLCY] => C:\WINDOWS\system32\mlc.dll [155648 2012-05-21] ()
HKLM\...\Drivers32: [VIDC.ULRA] => C:\Windows\system32\utv_vcm.dll [69632 2013-01-13] ()
HKLM\...\Drivers32: [VIDC.ULRG] => C:\Windows\system32\utv_vcm.dll [69632 2013-01-13] ()
HKLM\...\Drivers32: [VIDC.ULY0] => C:\Windows\system32\utv_vcm.dll [69632 2013-01-13] ()
HKLM\...\Drivers32: [VIDC.ULY2] => C:\Windows\system32\utv_vcm.dll [69632 2013-01-13] ()
HKLM\...\Drivers32: [vidc.x264] => C:\Program Files\x264vfw\x264vfw.dll [4283392 2013-02-27] ()
HKLM\...\Drivers32: [vidc.XVID] => C:\WINDOWS\system32\xvidvfw.dll [243200 2012-08-29] ()
HKLM\...\Drivers32: [VIDC.VP80] => C:\WINDOWS\system32\vp8vfw.dll [560128 2011-12-05] (Optima SC Inc.)
HKLM\...\Drivers32: [VIDC.IV41] => C:\WINDOWS\system32\ir41_32.dll [756736 2003-03-25] (Intel Corporation)
HKLM\...\Drivers32: [VIDC.GEOX] => C:\WINDOWS\system32\GeoCodec.dll [622592 2010-10-11] (GeoVision)
HKLM\...\Drivers32: [VIDC.GEOV] => C:\WINDOWS\system32\GeoCodec.dll [622592 2010-10-11] (GeoVision)
HKLM\...\Drivers32: [VIDC.GEOS] => C:\WINDOWS\system32\GeoCodecD.dll [622592 2010-10-11] (GeoVision)
HKLM\...\Drivers32: [VIDC.VMnc] => C:\WINDOWS\system32\vmnc.dll [252464 2010-09-20] (VMware, Inc.)
HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\pdvcodec.dll [265797 2010-03-12] (Matsushita Electric Industrial Co., Ltd.)
HKLM\...\Drivers32: [msacm.dvacm] => C:\Program Files\Common Files\Ulead Systems\VIO\DVACM.acm [20480 2010-05-17] (Corel TW Corp.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-13] (Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\Users\MM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2019-01-23]
ShortcutTarget: Dropbox.lnk -> C:\Users\MM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{88f0fe0e-3f47-432c-a9ae-1a63be7485a1}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{b3cf2ab9-b78c-45f0-babf-2d8e6e8bf54e}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.gmx.com/start?src=p_jkld ... &p_w=y2w02
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1107837428-173974533-547177936-1000\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1107837428-173974533-547177936-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-1107837428-173974533-547177936-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKU\S-1-5-21-1107837428-173974533-547177936-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.google.cz/
SearchScopes: HKLM -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxps://search.gmx.com/web/result?origi ... w=y2w02&q={searchTerms}
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxps://search.gmx.com/web/result?origi ... w=y2w02&q={searchTerms}
SearchScopes: HKLM -> {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1107837428-173974533-547177936-1000 -> DefaultScope {A474C13C-4057-4FF7-8A1B-4B67CD52B1B8} URL =
SearchScopes: HKU\S-1-5-21-1107837428-173974533-547177936-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1107837428-173974533-547177936-1000 -> {CCDA515E-1E72-40F7-9565-91A832FEB561} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-10-27] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-11-05] (Google Inc.)
BHO: Soda PDF 5 IE Helper -> {C737F472-1193-4281-BF53-A00B67AB3E19} -> C:\Program Files\Soda PDF 5\PDFIEHelper.dll [2013-01-25] (LULU Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-27] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-11-05] (Google Inc.)
Toolbar: HKU\S-1-5-21-1107837428-173974533-547177936-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-11-05] (Google Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: fkn1jbez.default-1517395260472
FF ProfilePath: C:\Users\MM\AppData\Roaming\Mozilla\Firefox\Profiles\fkn1jbez.default-1517395260472 [2019-01-28]
FF Homepage: Mozilla\Firefox\Profiles\fkn1jbez.default-1517395260472 -> hxxps://search.gmx.com/start?src=p_jkld ... &p_w=y2w02
FF HKLM\...\Firefox\Extensions: [FFSodaPDF5Converter@sodapdf.com] - C:\Program Files\Soda PDF 5\FFSoda5Ext
FF Extension: (Soda PDF 5 Converter For Firefox) - C:\Program Files\Soda PDF 5\FFSoda5Ext [2013-06-02] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor\saffplg.xpi => not found
FF HKLM\...\Firefox\Extensions: [AllMyTube@Wondershare.com] - C:\ProgramData\Wondershare\AllMyTube\AllMyTube@Wondershare.com_xpi => not found
FF Plugin: @adobe.com/AuthorwarePlayer -> C:\Windows\system32\Macromed\AUTHORWA\np32asw.dll [2004-07-02] (Macromedia, Inc.)
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-08] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll [2013-01-30] (Adobe Systems, Inc.)
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [No File]
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-02-27] (Google)
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-27] (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-18] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR Profile: C:\Users\MM\AppData\Local\Google\Chrome\User Data\Default [2019-01-28]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AbAdminService; C:\Program Files\ToolbarTerminator\AbAdminService.exe [30984 2015-01-22] (Ascora GmbH) [File not signed]
R2 ABBYY.Licensing.FineReader.Professional.9.0; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [660768 2007-12-06] (ABBYY (BIT Software))
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 cbVSCService11; C:\Program Files\Cobian Backup 11\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian) [File not signed]
R2 cmcore; c:\program files\cmcm\Clean Master\cmcore.exe [397936 2018-12-04] (Cheetah Mobile,Inc.)
R2 DigitalWave.Update.Service; C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe [437224 2016-10-27] (Digital Wave Ltd.)
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 Leawo_service; C:\Program Files\Common Files\Appkeys\yytool.exe [942576 2014-08-22] ()
R2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-29] (IObit)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3151776 2018-07-15] (Microsoft Corporation)
S3 Soda PDF 5 Helper Service; C:\Program Files\Soda PDF 5\HelperService.exe [1237856 2013-01-25] (LULU Software)
S3 Soda PDF 5 Service; C:\Program Files\Soda PDF 5\ConversionService.exe [877920 2013-01-25] (LULU Software)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [353792 2018-03-19] ()
R2 UsbClientService; C:\Program Files\Synology\Assistant\UsbClientService.exe [248840 2016-03-18] () [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\NisSrv.exe [3378760 2019-01-25] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MsMpEng.exe [91760 2019-01-25] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [53728 2012-08-03] (Windows (R) Win 7 DDK provider)
R0 JRAID; C:\WINDOWS\System32\drivers\jraid.sys [106296 2012-09-17] (JMicron Technology Corp.)
S3 ksapi; C:\WINDOWS\system32\drivers\ksapi.sys [132832 2018-12-04] (Kingsoft Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [221112 2018-01-28] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [75712 2018-01-28] (Malwarebytes)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [504832 2018-04-11] (Realtek )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [38504 2019-01-25] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [268792 2019-01-25] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [47608 2019-01-25] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [189952 2018-04-11] (Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-28 14:55 - 2019-01-28 14:57 - 000019982 _____ C:\Users\MM\Desktop\FRST.txt
2019-01-28 14:38 - 2019-01-28 14:39 - 000000000 ____D C:\AdwCleaner
2019-01-28 14:36 - 2019-01-28 14:36 - 007320272 _____ (Malwarebytes) C:\Users\MM\Desktop\adwcleaner_7.2.6.0.exe
2019-01-28 13:38 - 2019-01-28 13:38 - 000009671 _____ C:\Users\MM\Downloads\FRST (1).rar
2019-01-28 13:38 - 2019-01-28 13:38 - 000009671 _____ C:\Users\MM\Desktop\FRST.rar
2019-01-28 13:37 - 2019-01-28 13:38 - 000026672 _____ C:\Users\MM\Desktop\Addition.rar
2019-01-28 13:12 - 2019-01-28 13:14 - 000113825 _____ C:\Users\MM\Downloads\Addition.txt
2019-01-28 13:09 - 2019-01-28 14:55 - 000000000 ____D C:\FRST
2019-01-28 13:09 - 2019-01-28 13:14 - 000043924 _____ C:\Users\MM\Downloads\FRST.txt
2019-01-28 13:08 - 2019-01-28 13:08 - 001787904 _____ (Farbar) C:\Users\MM\Desktop\FRST.exe
2019-01-28 11:21 - 2019-01-28 11:21 - 000000000 ____D C:\Users\MM\AppData\Roaming\WiseUpdate
2019-01-28 11:06 - 2019-01-28 11:07 - 003876168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-01-28 08:25 - 2019-01-09 12:08 - 000254776 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-01-28 08:25 - 2019-01-09 11:02 - 000636872 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-01-28 08:25 - 2019-01-09 10:55 - 011919872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-28 08:25 - 2019-01-09 10:55 - 003257856 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-01-28 08:25 - 2019-01-09 10:55 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-01-28 08:25 - 2019-01-09 10:53 - 000958976 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-01-28 08:25 - 2019-01-09 10:51 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-01-28 08:25 - 2019-01-09 10:51 - 002094080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-01-28 08:25 - 2019-01-09 10:50 - 001082880 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-28 08:25 - 2019-01-09 06:53 - 000480056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-01-28 08:25 - 2019-01-09 06:48 - 000994264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-01-28 08:25 - 2019-01-09 06:48 - 000074040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-01-28 08:25 - 2019-01-09 06:44 - 000078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-01-28 08:25 - 2019-01-09 06:43 - 006683448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-28 08:25 - 2019-01-09 06:43 - 006567768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-28 08:25 - 2019-01-09 06:43 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-01-28 08:25 - 2019-01-09 06:43 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-01-28 08:25 - 2019-01-09 06:43 - 002253480 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-28 08:25 - 2019-01-09 06:43 - 001990056 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-01-28 08:25 - 2019-01-09 06:43 - 001617152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-01-28 08:25 - 2019-01-09 06:43 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-01-28 08:25 - 2019-01-09 06:43 - 000949856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-01-28 08:25 - 2019-01-09 06:43 - 000831528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-01-28 08:25 - 2019-01-09 06:43 - 000607376 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-01-28 08:25 - 2019-01-09 06:43 - 000358904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-01-28 08:25 - 2019-01-09 06:43 - 000287640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-01-28 08:25 - 2019-01-09 06:43 - 000221496 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-28 08:25 - 2019-01-09 06:43 - 000195576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-01-28 08:25 - 2019-01-09 06:43 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-01-28 08:25 - 2019-01-09 06:43 - 000127744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-01-28 08:25 - 2019-01-09 06:43 - 000071456 _____ (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
2019-01-28 08:25 - 2019-01-09 06:42 - 001190496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-01-28 08:25 - 2019-01-09 06:42 - 001051032 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-01-28 08:25 - 2019-01-09 06:42 - 000371192 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2019-01-28 08:25 - 2019-01-09 06:42 - 000371192 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-01-28 08:25 - 2019-01-09 06:42 - 000140792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-01-28 08:25 - 2019-01-09 06:42 - 000100704 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-01-28 08:25 - 2019-01-09 06:34 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-28 08:25 - 2019-01-09 06:32 - 013878272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-01-28 08:25 - 2019-01-09 06:26 - 002966016 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-01-28 08:25 - 2019-01-09 06:25 - 003255296 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-28 08:25 - 2019-01-09 06:24 - 002808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-01-28 08:25 - 2019-01-09 06:24 - 001834496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-01-28 08:25 - 2019-01-09 06:24 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-01-28 08:25 - 2019-01-09 06:23 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2019-01-28 08:25 - 2019-01-09 06:23 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-28 08:25 - 2019-01-09 06:23 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-28 08:25 - 2019-01-09 06:23 - 001189888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-01-28 08:25 - 2019-01-09 06:23 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-01-28 08:25 - 2019-01-09 06:22 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-01-28 08:25 - 2019-01-09 06:22 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-28 08:25 - 2019-01-09 06:22 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-01-28 08:25 - 2019-01-09 06:22 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-28 08:25 - 2019-01-09 06:22 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-01-28 08:25 - 2019-01-09 06:22 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-01-28 08:25 - 2019-01-09 06:21 - 001752064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-01-28 08:25 - 2019-01-09 06:21 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-28 08:25 - 2019-01-09 06:21 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-01-28 08:25 - 2019-01-09 06:21 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-01-28 08:25 - 2019-01-09 06:21 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-01-28 08:25 - 2019-01-09 06:20 - 004516352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-28 08:25 - 2019-01-09 06:20 - 001272832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-01-28 08:25 - 2019-01-09 06:20 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-01-28 08:25 - 2019-01-09 06:20 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-01-28 08:25 - 2019-01-09 06:20 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-01-28 08:25 - 2019-01-09 06:19 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-01-28 08:25 - 2019-01-09 06:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-01-28 08:25 - 2019-01-09 06:18 - 000724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-01-28 08:25 - 2019-01-09 06:18 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2019-01-28 08:25 - 2019-01-09 05:01 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2019-01-28 08:19 - 2018-09-20 05:33 - 001499960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-25 13:15 - 2019-01-28 12:50 - 000000000 ____D C:\Users\MM\AppData\Roaming\Wise Duplicate Finder
2019-01-25 13:15 - 2019-01-28 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Duplicate Finder
2019-01-25 13:15 - 2019-01-25 13:15 - 000000000 ____D C:\Program Files\Wise
2019-01-25 12:41 - 2019-01-25 12:43 - 000000000 ____D C:\Users\MM\Desktop\Nová složka
2019-01-23 21:40 - 2019-01-23 21:40 - 000000000 ____D C:\Users\MM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-01-12 15:03 - 2019-01-12 15:03 - 008201952 _____ (Nullsoft, Inc.) C:\Users\MM\Downloads\winamp58_3660_beta_full_en-us.exe
2019-01-12 14:59 - 2019-01-12 14:59 - 002418200 _____ (Getimeteb ) C:\Users\MM\Downloads\winamp_4293877016.exe
2019-01-09 19:23 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 19:23 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-09 19:23 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 19:23 - 2019-01-01 07:38 - 000539696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-09 19:23 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-09 19:23 - 2019-01-01 07:37 - 002031104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-09 19:23 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-09 19:23 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-09 19:23 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 19:23 - 2019-01-01 07:37 - 000142352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 19:23 - 2019-01-01 07:37 - 000098832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 19:23 - 2019-01-01 07:37 - 000037176 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-09 19:23 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-09 19:23 - 2019-01-01 07:18 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-09 19:23 - 2019-01-01 07:18 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 19:23 - 2019-01-01 07:17 - 000335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-09 19:23 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 19:23 - 2019-01-01 07:17 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 19:23 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-09 19:23 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2019-01-09 19:23 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 19:23 - 2019-01-01 07:14 - 001184768 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-09 19:23 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 19:23 - 2019-01-01 07:13 - 001689088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 19:23 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-09 19:23 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 19:23 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-09 19:23 - 2019-01-01 07:12 - 000977408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-09 19:23 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 19:23 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 19:23 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-09 19:23 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd3x40.dll
2019-01-04 08:30 - 2019-01-04 08:30 - 012245664 _____ C:\Users\MM\Downloads\FractalZoomer.exe
2019-01-02 14:58 - 2019-01-06 14:09 - 000000000 ____D C:\Users\MM\AppData\Roaming\Nanosoft
2019-01-02 14:57 - 2019-01-06 14:18 - 000000000 ____D C:\ProgramData\Nanosoft
2019-01-02 14:57 - 2019-01-02 14:57 - 000002495 _____ C:\Users\Public\Desktop\nanoCAD en 5.0.lnk
2019-01-02 14:57 - 2019-01-02 14:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nanosoft
2019-01-02 14:57 - 2019-01-02 14:57 - 000000000 ____D C:\Program Files\Nanosoft

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-28 14:52 - 2018-04-11 21:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-28 14:47 - 2018-05-16 15:11 - 001910950 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-28 14:47 - 2018-04-12 05:53 - 000793414 _____ C:\WINDOWS\system32\perfh005.dat
2019-01-28 14:47 - 2018-04-12 05:53 - 000178452 _____ C:\WINDOWS\system32\perfc005.dat
2019-01-28 14:47 - 2018-04-11 21:31 - 000000000 ____D C:\WINDOWS\INF
2019-01-28 14:42 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-28 14:40 - 2018-05-16 15:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-28 14:40 - 2018-04-11 13:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-28 14:39 - 2016-05-17 17:46 - 000000000 ____D C:\ProgramData\ICQ
2019-01-28 14:39 - 2015-08-08 14:52 - 000000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2019-01-28 14:34 - 2018-05-16 15:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-28 14:06 - 2018-07-10 14:24 - 000000000 ____D C:\ProgramData\Packages
2019-01-28 14:06 - 2018-04-11 21:36 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-28 12:56 - 2013-05-29 21:48 - 000000000 ___RD C:\Users\MM\Desktop\PC údržba
2019-01-28 11:29 - 2015-11-29 12:19 - 000000000 ____D C:\Users\MM\AppData\Roaming\vlc
2019-01-28 11:12 - 2013-05-29 21:39 - 000000000 ___RD C:\Users\MM\Dropbox
2019-01-28 11:04 - 2018-04-11 21:36 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-01-28 11:04 - 2018-04-11 21:36 - 000000000 ___RD C:\Program Files\Windows Defender
2019-01-28 11:04 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-28 11:04 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-01-28 11:04 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-28 08:29 - 2018-04-11 21:25 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-28 07:31 - 2018-01-30 12:05 - 000000000 ____D C:\ProgramData\ProductData
2019-01-25 18:33 - 2018-02-12 23:23 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-01-25 13:30 - 2013-06-02 18:02 - 000000000 ___RD C:\Users\MM\Desktop\Vypalování
2019-01-25 13:19 - 2013-05-29 19:18 - 000000000 ____D C:\Users\MM\AppData\Roaming\Ashampoo
2019-01-25 13:19 - 2013-05-29 19:18 - 000000000 ____D C:\Users\MM\AppData\Local\ashampoo
2019-01-25 13:19 - 2013-05-29 19:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2019-01-25 13:18 - 2013-05-29 19:18 - 000000000 ____D C:\ProgramData\Ashampoo
2019-01-25 13:18 - 2013-05-29 19:17 - 000000000 ____D C:\Program Files\Ashampoo
2019-01-24 07:48 - 2013-05-28 16:12 - 000000000 ____D C:\ProgramData\Package Cache
2019-01-24 07:47 - 2013-06-07 22:44 - 000000000 ____D C:\Program Files\Garmin
2019-01-24 07:47 - 2013-06-07 22:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2019-01-24 07:46 - 2013-06-07 22:44 - 000000000 ____D C:\ProgramData\GARMIN
2019-01-23 21:40 - 2013-05-29 21:31 - 000000000 ____D C:\Users\MM\AppData\Roaming\Dropbox
2019-01-23 08:40 - 2013-10-29 21:41 - 000000000 ____D C:\Users\MM\AppData\Local\CrashDumps
2019-01-23 08:40 - 2013-05-28 19:23 - 000000000 ____D C:\Users\MM\AppData\Roaming\Winamp
2019-01-22 22:01 - 2014-03-16 20:22 - 000000000 ___RD C:\Users\MM\Desktop\Download
2019-01-22 09:11 - 2018-12-26 12:42 - 000000000 ____D C:\Users\MM\AppData\Local\FastVD
2019-01-22 09:11 - 2018-12-26 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fast VD
2019-01-20 10:51 - 2013-06-02 10:54 - 000000000 ____D C:\Users\MM\AppData\Roaming\Vso
2019-01-19 09:24 - 2018-05-16 15:16 - 000002413 _____ C:\Users\MM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-19 09:24 - 2016-07-21 21:36 - 000000000 ___RD C:\Users\MM\OneDrive
2019-01-18 10:38 - 2018-11-16 18:19 - 000000000 ____D C:\Program Files\rempl
2019-01-14 19:52 - 2018-05-20 16:59 - 000001674 _____ C:\Users\MM\Desktop\Dataserver MM.lnk
2019-01-12 15:07 - 2015-03-04 17:06 - 000000000 ___RD C:\Users\MM\Desktop\Audio
2019-01-12 15:04 - 2013-05-28 19:23 - 000000000 ____D C:\Program Files\Winamp
2019-01-11 09:25 - 2018-05-16 15:16 - 000000000 ____D C:\Users\MM\AppData\Local\Google
2019-01-11 09:25 - 2016-12-26 11:10 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2019-01-09 20:41 - 2013-05-28 21:55 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2019-01-09 19:38 - 2013-07-13 08:19 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 19:29 - 2013-05-30 17:28 - 129687688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-09 06:44 - 2013-05-28 16:47 - 000407698 __RSH C:\bootmgr
2019-01-08 12:22 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-01-07 18:46 - 2014-10-19 11:42 - 000000000 ____D C:\Users\MM\AppData\Roaming\Mp3tag
2019-01-06 14:27 - 2013-06-02 13:45 - 000000000 ____D C:\Users\MM\Documents\Calibre knihovna
2019-01-06 14:25 - 2013-05-28 21:30 - 000000000 ____D C:\Users\MM\Documents\My eBooks_pracovní (z kindle)
2019-01-06 13:54 - 2013-05-28 21:24 - 000000000 ____D C:\Users\MM\Documents\My eBooks_pracovní (mobi, doc, rtf z pdf, pdb)
2019-01-04 11:12 - 2013-05-28 21:31 - 000000000 ____D C:\Users\MM\Documents\My Publications
2019-01-04 11:01 - 2015-11-18 17:36 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-01-04 11:01 - 2013-05-28 21:14 - 000000000 ____D C:\Users\MM\Documents\ConvertXtoDVD
2019-01-02 20:41 - 2018-11-14 20:33 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2019-01-02 20:41 - 2018-11-14 20:33 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2018-04-15 11:32 - 2018-04-15 11:32 - 000000282 _____ () C:\ProgramData\fontcacheev1.dat
2013-02-07 13:22 - 2013-02-07 13:22 - 000050330 _____ () C:\Program Files\AntiDust.exe
2011-01-12 01:00 - 2011-01-12 01:00 - 000146944 _____ () C:\Program Files\Common Files\dsfFLACDecoder.dll
2011-01-12 01:00 - 2011-01-12 01:00 - 000221184 _____ () C:\Program Files\Common Files\dsfFLACEncoder.dll
2011-01-12 01:00 - 2011-01-12 01:00 - 000204800 _____ () C:\Program Files\Common Files\dsfNativeFLACSource.dll
2012-05-11 13:16 - 2012-05-11 13:16 - 000171520 _____ () C:\Program Files\Common Files\dsfOggDemux2.dll
2011-01-12 01:00 - 2011-01-12 01:00 - 000240128 _____ () C:\Program Files\Common Files\dsfVorbisDecoder.dll
2009-07-11 22:08 - 2009-07-11 22:08 - 000001860 _____ () C:\Program Files\Common Files\Microsoft.VC90.CRT.manifest
2011-04-18 21:51 - 2011-04-18 21:51 - 000569680 _____ (Microsoft Corporation) C:\Program Files\Common Files\MSVCP90.dll
2011-04-18 21:51 - 2011-04-18 21:51 - 000653136 _____ (Microsoft Corporation) C:\Program Files\Common Files\MSVCR90.dll
2010-12-16 20:39 - 2010-12-16 20:39 - 000412672 _____ (Google) C:\Program Files\Common Files\vp8decoder.dll
2010-12-16 20:39 - 2010-12-16 20:39 - 000701440 _____ (Google) C:\Program Files\Common Files\vp8encoder.dll
2010-12-16 20:39 - 2010-12-16 20:39 - 000302592 _____ (Google) C:\Program Files\Common Files\webmmux.dll
2010-12-16 20:39 - 2010-12-16 20:39 - 000292352 _____ (Google) C:\Program Files\Common Files\webmsplit.dll
2011-01-12 01:00 - 2011-01-12 01:00 - 000030208 _____ () C:\Program Files\Common Files\wmpinfo.dll
2014-10-19 12:06 - 2014-10-19 12:06 - 000001680 _____ () C:\Users\MM\AppData\Roaming\.ptbt0
2013-12-31 11:40 - 2018-03-17 17:23 - 000000082 _____ () C:\Users\MM\AppData\Roaming\default.pls
2013-06-02 10:54 - 2013-06-02 10:54 - 000087608 _____ () C:\Users\MM\AppData\Roaming\inst.exe
2013-06-02 10:54 - 2013-06-02 10:54 - 000007887 _____ () C:\Users\MM\AppData\Roaming\pcouffin.cat
2013-06-02 10:54 - 2013-06-02 10:54 - 000001144 _____ () C:\Users\MM\AppData\Roaming\pcouffin.inf
2013-06-02 10:55 - 2013-06-02 10:55 - 000000034 _____ () C:\Users\MM\AppData\Roaming\pcouffin.log
2013-06-02 10:54 - 2013-06-02 10:54 - 000047360 _____ (VSO Software) C:\Users\MM\AppData\Roaming\pcouffin.sys
2013-08-03 13:45 - 2013-08-03 13:46 - 000000010 _____ () C:\Users\MM\AppData\Roaming\pdfdrawcodec.dll
2013-05-28 16:21 - 2013-05-28 16:21 - 000000017 _____ () C:\Users\MM\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-16 15:07

==================== End of FRST.txt ============================


Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 28 led 2019 15:32 
Offline
Návštěvník
Návštěvník

Registrován: 28 led 2019 13:23
Příspěvky: 12
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-01-2019
Ran by MM (28-01-2019 14:58:11)
Running from C:\Users\MM\Desktop
Microsoft Windows 10 Pro Version 1803 17134.556 (X86) (2018-05-16 14:40:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1107837428-173974533-547177936-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1107837428-173974533-547177936-503 - Limited - Disabled)
Guest (S-1-5-21-1107837428-173974533-547177936-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1107837428-173974533-547177936-1002 - Limited - Enabled)
MM (S-1-5-21-1107837428-173974533-547177936-1000 - Administrator - Enabled) => C:\Users\MM
WDAGUtilityAccount (S-1-5-21-1107837428-173974533-547177936-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

123 Free Solitaire (HKLM\...\123 Free Solitaire) (Version: - )
7-Zip 16.04 (HKLM\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
ABBYY FineReader 9.0 Professional Edition (HKLM\...\{F9000000-0001-0000-0000-074957833700}) (Version: 9.00.724.5507 - ABBYY)
Acoustica Standard Edition 5.0 (HKLM\...\Acoustica Standard Edition_is1) (Version: 5.0 - Acon AS)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 28.0.0.127 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Shockwave Player + Authorware Web Player (HKLM\...\Adobe Shockwave Player + Authorware Web Player) (Version: v12.0.0.112 - Adobe Systems, Inc.)
ANALOG projects premium (32-Bit) (HKLM\...\ANALOG_PROJECTS_1_2_38D54FE3_is1) (Version: 1.11 - Franzis Verlag GmbH)
ANT Drivers Installer x86 (HKLM\...\{2DA11ECB-92A9-4B4A-A25D-AA9DB8B94999}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Anti-Twin (Installation 20.8.2018) (HKLM\...\Anti-Twin 2018-08-20 11.05.37) (Version: - Joerg Rosenthal, Germany)
Apowersoft Phone Manager verze 2.8.7 (HKLM\...\{4A00E3C4-2D0F-4AE7-9F2A-74870BE09EF8}_is1) (Version: 2.8.7 - APOWERSOFT LIMITED)
Apowersoft Unlimited V1.1.7 (HKLM\...\{c03dc130-3664-4210-b9b2-3d35a08c76f5}_is1) (Version: 1.1.7 - Apowersoft LIMITED)
Apowersoft Video Konvertor V4.7.4 (HKLM\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.7.4 - APOWERSOFT LIMITED)
Apple Mobile Device Support (HKLM\...\{B19FCC39-7914-4BBC-80EE-1D606BD8C686}) (Version: 11.4.1.46 - Apple Inc.)
Apple Software Update (HKLM\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Ashampoo Burning Studio 2012 v10.0.15 (HKLM\...\Ashampoo Burning Studio 2012_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 2017 (HKLM\...\{91B33C97-C878-6579-69BA-23E5405C7AAB}_is1) (Version: 18.0.6 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 2019 (HKLM\...\{91B33C97-293D-A984-2057-76661C44CB0E}_is1) (Version: 1.20.0 - Ashampoo GmbH & Co. KG)
Ashampoo Home Designer Pro 3 (HKLM\...\{CEAF6AE1-CE17-4ED1-A817-C31012B8D6CD}_is1) (Version: 3.3.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 14 (HKLM\...\{0A11EA01-616B-A905-B3D2-3B7C238851DC}_is1) (Version: 14.0.6 - Ashampoo GmbH & Co. KG)
Ashampoo Slideshow Studio 2013 v.1.0.2 (HKLM\...\{91B33C97-34D2-9841-084D-BE4849F6A38F}_is1) (Version: 1.0.2 - Ashampoo GmbH & Co. KG)
Audacity 2.0.2 (HKLM\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
AutoCAD 2007 - Český (HKLM\...\{5783F2D7-5001-0405-0002-0060B0CE6BBA}) (Version: 17.0.54.110 - Autodesk)
Autodesk DWF Viewer (HKLM\...\Autodesk DWF Viewer) (Version: 6.5 - Autodesk, Inc.)
Avidemux 2.6 (32-bit) (HKLM\...\Avidemux 2.6) (Version: 2.6.8.9045 - )
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
AVStoDVD 2.7.5 (HKLM\...\AVStoDVD) (Version: 2.7.5 - MrC)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Balíček ovladače systému Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\E77704EF5E71F4F18CADFBFA68595AFE036D5D97) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
calibre (HKLM\...\{0B374B2C-FE04-4741-B0B2-B14D84CEDAFF}) (Version: 3.35.0 - Kovid Goyal)
Canon MP Navigator EX 1.0 (HKLM\...\MP Navigator EX 1.0) (Version: - )
Canon MP220 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP220_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
CDex - Digital Audio CD Extractor and Converter (HKLM\...\CDex) (Version: 1.81.0.2016 - Georgy Berdyshev)
cGPSmapper Free 0100d (HKLM\...\cGPSmapper Free_is1) (Version: - cGPSmapper)
Clean Master (HKLM\...\cmpc) (Version: 6.0 - Cheetah Mobile)
Cobian Backup 11 Gravity (HKLM\...\CobBackup11) (Version: - )
Compiled Driver Disk (Nokia) 1.0 (HKLM\...\{3DCF00F5-04A5-4543-A088-705480811205}_is1) (Version: 1.0.8.0 - COMPELSON Labs)
Contents (HKLM\...\{F6A76E9C-C299-4CFA-AD2A-57FE9DD68B70}) (Version: 1.6.2.36 - Corel Corporation) Hidden
Convert WAV To MP3 1.0 (HKLM\...\Convert WAV To MP3_is1) (Version: - A Software Plus)
Convert-All Media Converter (HKLM\...\Convert-All Media Converter) (Version: - )
Corel Applications (HKLM\...\Corel Applications) (Version: - )
Corel VideoStudio Pro X3 (HKLM\...\_{F072CA07-A781-45E4-9975-C033A73019CF}) (Version: 1.6.2.36 - Corel Corporation)
CSE HTML Validator Standard v12.03 (HKLM\...\CSEHTMLVALIDATOR120_is1) (Version: 12.3.0.0 - AI Internet Solutions LLC)
Curvas de nivel VFP Portugal (HKLM\...\Curvas nivel VFP Portugal) (Version: - )
CyberLink PhotoDirector 8 (HKLM\...\{80986AB6-3CB0-49db-AB48-1600844D6374}) (Version: 8.0.3515.0 - CyberLink Corp.)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DeviceIO (HKLM\...\{F4E9851F-765E-40B7-9859-237C2724E62C}) (Version: 1.6.2.36 - Corel Corporation) Hidden
DirectX for Managed Code Update (Summer 2004) (HKLM\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\Dropbox) (Version: 65.4.177 - Dropbox, Inc.)
DVDFab Platinum 4.1.2.0 (HKLM\...\DVDFab Platinum 4_is1) (Version: - Fengtao Software Inc.)
EasyGPS 5.18.0.0 (HKLM\...\EasyGPS_is1) (Version: 5.18.0.0 - TopoGrafix)
Elevated Installer (HKLM\...\{F3FFDC37-92A9-4E5E-B57E-7E47FD4FFDAF}) (Version: 6.11.1.0 - Garmin Ltd or its subsidiaries) Hidden
FARO LS 1.1.406.58 (HKLM\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Fast VD 3.1.0.21 (HKLM\...\9ED08AFF-E977-47db-8923-2499D74C97C5_Fast VD_is1) (Version: 3.1.0.21 - FastPcTools)
FastStone Image Viewer 6.5 (HKLM\...\FastStone Image Viewer) (Version: 6.5 - FastStone Soft)
FastStone Photo Resizer 3.2 (HKLM\...\FastStone Photo Resizer) (Version: 3.2 - FastStone Soft.)
Firebird SQL Server - MAGIX Edition (HKLM\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Folder Marker Home v 3.2 Chip Czech Edition (HKLM\...\Folder Marker_is1) (Version: 3.2 - ArcticLine Software)
Fotogalerie (HKLM\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Audio Converter (HKLM\...\Free Audio Converter_is1) (Version: 5.0.99.823 - Digital Wave Ltd)
Free Video Flip and Rotate version 2.1.2.821 (HKLM\...\Free Video Flip and Rotate_is1) (Version: 2.1.2.821 - DVDVideoSoft Ltd.)
Garmin BaseCamp (HKLM\...\{0D7C8884-192D-4E2D-A635-B282B3647E45}) (Version: 4.4.7 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM\...\{353EA8D4-4E75-4D16-83E1-60F0223E502A}) (Version: 6.11.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM\...\{a8423fa4-7f62-4346-b5e2-abb033b1a927}) (Version: 6.11.1.0 - Garmin Ltd or its subsidiaries)
Garmin MapSource (HKLM\...\{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}) (Version: 6.16.3 - Garmin Ltd or its subsidiaries)
Garmin TOPO Österreich v2 (HKLM\...\{7AA38575-25A1-4C2F-B40B-2188EB73FF0E}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{E31435FE-F0B7-4A62-BE46-BD166A1EEFFB}) (Version: 2.3.1.1 - Garmin Ltd or its subsidiaries)
GeoGet verze 2.9.9.775 (HKLM\...\GeoGet_is1) (Version: 2.9.9.775 - )
GMapTool 0.8.186a (HKLM\...\{1873789F-59D5-4002-8A2F-60A827B78F98}_is1) (Version: - AP)
Google Earth (HKLM\...\{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}) (Version: 7.0.3.8542 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.18) (Version: 9.18 - Artifex Software Inc.)
HD Video Converter Factory Pro 16.1 (HKLM\...\HD Video Converter Factory Pro) (Version: 16.1 - WonderFox Soft, Inc.)
Helicon Filter 5.5.4 (HKLM\...\Helicon Filter 5_is1) (Version: - Helicon Soft Ltd.)
Helicon Photo Safe Pro 4.60.0.0 (HKLM\...\Helicon Photo Safe Pro_is1) (Version: 4.60.0.0 - Helicon Soft Ltd.)
HijackThis 2.0.2 (HKLM\...\HijackThis) (Version: 2.0.2 - TrendMicro)
ICA (HKLM\...\{F072CA07-A781-45E4-9975-C033A73019CF}) (Version: 1.6.2.36 - Corel Corporation) Hidden
iCloud (HKLM\...\{9A07AB4F-6B53-43E9-B7FC-7892E8C26BE3}) (Version: 4.1.1.53 - Apple Inc.)
ICQ (verze 10.0.12341) (HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\icq.desktop) (Version: 10.0.12341 - ICQ)
iFreeUp 1.0 (HKLM\...\iFreeUp_is1) (Version: 1.0.12 - IObit)
iMyFone Umate 5.1.0.3 (HKLM\...\{5284F901-9F62-4462-A0E6-2E4373A64454}_is1) (Version: 5.1.0.3 - Shenzhen iMyFone Technology Co., Ltd.)
Incomedia WebSite X5 v10 - Home (HKLM\...\{22B260EE-79AD-4F4C-9E06-349E8F1D958C}_is1) (Version: 10.0.4.28 - Incomedia s.r.l.)
iPhone Care Pro (HKLM\...\iPhone Care Pro) (Version: - Tenorshare, Inc.)
IPM_VS_Pro (HKLM\...\{FD67D9F3-FED6-4A2E-9D6C-8C8C44DEF8FF}) (Version: 13.0 - Corel Corporation) Hidden
iTunes (HKLM\...\{6FF5D12A-8E8C-4019-9BBC-566912771289}) (Version: 12.8.0.150 - Apple Inc.)
Java 8 Update 191 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
K-Lite Codec Pack 9.4.0 (Basic) (HKLM\...\KLiteCodecPack_is1) (Version: 9.4.0 - )
Lagarith Lossless Codec (1.3.27) (HKLM\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
Leawo iTransfer version 1.8.2.5 (HKLM\...\{93337CC5-9BC4-4FB0-B82E-38EC63E149F3}_is1) (Version: 1.8.2.5 - Leawo Software)
Leawo Music Recorder version 1.1.0.0 (HKLM\...\{FAF11D3B-7633-402B-BAFA-4BCAAE030F20}_is1) (Version: 1.1.0.0 - Leawo Software)
Leawo Prof. Media version 7.7.0.0 (HKLM\...\{A5F041A4-812A-47C2-AD53-8893A81019FB}_is1) (Version: 7.7.0.0 - Leawo Software)
Leawo Video Converter Ultimate version 6.2.0.0 (HKLM\...\{F8FF54F5-AF73-4698-BF5C-393689CD0079}_is1) (Version: 6.2.0.0 - Leawo Software Co.,Ltd.)
Leawo Youtube Downloader version 4.5.0.1 (HKLM\...\{9E887DDE-2882-43E3-8AAF-127F8198030D}_is1) (Version: - Leawo Software Co., Ltd.)
MAGIX Photo Manager 15 (HKLM\...\{7C382EF1-2F98-47B4-9F31-511935D1138D}) (Version: 11.0.2.36 - MAGIX Software GmbH) Hidden
MAGIX Photo Manager 15 (HKLM\...\MX.{7C382EF1-2F98-47B4-9F31-511935D1138D}) (Version: 11.0.2.36 - MAGIX Software GmbH)
MediaInfo 18.03 (HKLM\...\MediaInfo) (Version: 18.03 - MediaArea.net)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office FrontPage 2003 (HKLM\...\{90170405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
MLE (HKLM\...\{7E4CB404-F1E4-4E81-A1CB-2CBB310481D1}) (Version: 1.0.0.23 - Corel Corporation) Hidden
Moto assistant 1.3 (HKLM\...\{B36DF239-A12D-4C3C-B588-E09DA71F3BCC}_is1) (Version: - )
Movavi Video Suite 11 SE (HKLM\...\Movavi Video Suite 11 SE) (Version: 11.2.1 - Movavi)
Movie Maker (HKLM\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 63.0.1 (x86 cs) (HKLM\...\Mozilla Firefox 63.0.1 (x86 cs)) (Version: 63.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.1.6877 - Mozilla)
Mozilla Thunderbird 60.3.3 (x86 cs) (HKLM\...\Mozilla Thunderbird 60.3.3 (x86 cs)) (Version: 60.3.3 - Mozilla)
Mp3tag v2.53 (HKLM\...\Mp3tag) (Version: v2.53 - Florian Heidenreich)
MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyTube 6 (HKLM\...\{02C15B8C-26BE-479C-0001-7E31094C1376}) (Version: 6.0.14.115 - S.A.D.)
nanoCAD 5.0 (HKLM\...\{6D4250F7-DB33-4530-A9BD-A9D66BA34586}) (Version: 5.0.2520.2000 - Nanosoft)
Nik Collection (HKLM\...\Nik Collection) (Version: 1.2.11 - Google)
Nokia Connectivity Cable Driver (HKLM\...\{D4BF151C-70A8-4CE2-906F-4173A575BAD9}) (Version: 7.1.182.0 - Nokia)
Nokia PC Suite (HKLM\...\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}) (Version: 7.1.180.94 - Nokia) Hidden
Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia Software Updater (HKLM\...\{7130468A-F53F-4698-8C09-A339EA3B05E6}) (Version: 3.0.655 - Nokia Corporation)
Nokia Suite (HKLM\...\{88B6F9DE-C80F-4A70-ACF6-BEE933679170}) (Version: 3.8.54.0 - Nokia) Hidden
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
OLYMPUS Digital Camera Updater (HKLM\...\{20802138-EAA6-424D-B7E9-A01AC4881F3D}) (Version: 2.1.2 - Olympus Corporation)
OLYMPUS Viewer 3 (HKLM\...\{48F7F217-9E30-423F-AF21-A517FF65F18E}) (Version: 1.3.0 - OLYMPUS IMAGING CORP.)
Opanda IExif 2.3 (HKLM\...\Opanda IExif_is1) (Version: 2.3 - Opanda Studio)
Opanda PowerExif 1.2 Professional Trial (HKLM\...\Opanda PowerExif Professional Trial_is1) (Version: 1.2 - Opanda Studio)
OpenStreetMap Portugal (HKLM\...\Topographic Portugal) (Version: - )
Oxygen Phone Manager II (Trial) (HKLM\...\Oxygen Phone Manager II (Trial)) (Version: - )
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PC Image Editor (HKLM\...\{BE45D350-7BFF-4AC6-A958-65443346A40E}) (Version: 5.4 - Program4Pc Inc.)
PDF Editor Pro 3 (HKLM\...\PDF Editor Pro 3) (Version: - )
PDF Split And Merge Basic (HKLM\...\{9A40D2F8-9458-458B-95E3-B57797C574E1}) (Version: 2.2.3 - Andrea Vacondio)
PhotoFiltre 7 (HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\PhotoFiltre 7) (Version: - )
Podpora aplikací Apple (32bitová) (HKLM\...\{E5347310-C82F-4833-AA36-8D11E5A8A86A}) (Version: 6.6 - Apple Inc.)
Pomocník při upgradu na Windows 10 (HKLM\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17387 - Microsoft Corporation)
Power Sound Editor Free v8.7.5 (HKLM\...\Power Sound Editor Free_is1) (Version: - Copyright(C) 2005-2014 PowerSE, Inc.)
PrimoPDF -- by Nitro PDF Software (HKLM\...\PrimoPDF) (Version: 5.0.0.19 - Nitro PDF Software)
PureHD (HKLM\...\{F8423392-2296-4748-9B66-344432459632}) (Version: 1.6.2.36 - Corel Corporation) Hidden
RadioSure (HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\RadioSure) (Version: - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6839 - Realtek Semiconductor Corp.)
Registrace uživatele zařízení Canon MP220 series (HKLM\...\Registrace uživatele zařízení Canon MP220 series) (Version: - )
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
Sada Compatibility Pack pro systém Office 2007 (HKLM\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
SAM CoDeC Pack (HKLM\...\SAM CoDeC Pack) (Version: 5.05 - www.SamLab.ws)
Scanitto Pro (HKLM\...\{FC9FED7B-11C5-4BAA-AAF0-395AD111EE92}_is1) (Version: 3.5 - Masters ITC Software)
ScanSoft OmniPage SE 4 (HKLM\...\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}) (Version: 15.2.0020 - Nuance Communications, Inc.)
Setup (HKLM\...\{F069C491-69E6-4D9B-9A0C-B7894A1FA97C}) (Version: 1.6.2.36 - Corel Corporation) Hidden
Seznam CD a DVD 1.1 (HKLM\...\Seznam CD a DVD_is1) (Version: - S3 Software)
Share (HKLM\...\{F909BD3C-8684-4ACF-B7C3-33F4F9F901B7}) (Version: 1.6.2.36 - Corel Corporation) Hidden
Skype verze 8.33 (HKLM\...\Skype_is1) (Version: 8.33 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Slovakia_Topo_v3_Beta2 (HKLM\...\{3862105D-1AD3-470D-9CE5-94A2DB91D6CC}) (Version: 1.00 - CONAN s.r.o.)
Smart GPS Sync 1.0.2 (HKLM\...\{C9145898-CE55-4DD3-B187-7928A2B3B67C}_is1) (Version: 1.0.2 - Picture Instruments)
SmartSound Common Data (HKLM\...\{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Common Data (HKLM\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (HKLM\...\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.6 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.6 - SmartSound Software Inc.)
Soda PDF 5 (HKLM\...\{4E9B5BFE-856B-4C3A-BE90-4547DC255B22}) (Version: 5.0.131.9113 - LULU SOFTWARE LIMITED)
Sonic PDF Creator v3.0 (HKLM\...\Sonic PDF Creator_is1) (Version: 3.0 - Investintech.com Inc.)
Subtitle Edit 3.4.12 (HKLM\...\SubtitleEdit_is1) (Version: 3.4.12.1 - Nikse)
Südtirol (Topo) (HKLM\...\{53F7328C-6687-4AC9-9F68-2E28D8273033}_is1) (Version: - )
SuperEasy Video Booster v.1.1.3056 (HKLM\...\{039BC111-ED4E-CCDF-634D-AF330C24ACB8}_is1) (Version: 1.1.3056 - SuperEasy Software GmbH & Co. KG)
Synology Assistant (remove only) (HKLM\...\Synology Assistant) (Version: - )
The KMPlayer 3.5.0.81 with LAV Filters (HKLM\...\{ACBA5A14-2D62-4820-8206-D768C74C1E10}_is1) (Version: - ©7sh3. (Сборка от 08.03.2013))
The Panorama Factory V5 m32 Edition (HKLM\...\{DFF110A5-82A4-45FC-873D-F5C6D7B57914}) (Version: 5.3.2792 - Smoky City Design)
Tint (HKLM\...\tint) (Version: - )
Toolbar Terminator (HKLM\...\Toolbar Terminator_is1) (Version: 1.7 - Abelssoft)
TOPO Czech PRO 2013 (HKLM\...\{8E2A1F3F-0E67-4B33-B8F4-A2A53FDDD844}) (Version: 7.00 - PICODAS PRAHA, spol. s r.o.)
Topo España V.3.0 (HKLM\...\{1CFDFFDB-6646-43D6-8141-A77443F6BF98}) (Version: 2.00 - MPC Licensee)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.51a - Ghisler Software GmbH)
TrekMap v2 (HKLM\...\{46E7E808-5AD2-44B6-B52C-68EB15182D8A}) (Version: 2.07 - Garmin Italia S.p.A.)
Ut Video Codec Suite (HKLM\...\utvideo_is1) (Version: 12.0.1 - UMEZAWA Takeshi)
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VIO (HKLM\...\{F95C8C1F-25BB-44EC-A7E6-5C17ABC6BC71}) (Version: 1.6.2.36 - Corel Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
VSClassic (HKLM\...\{FB0B6DDD-DF3E-4CD6-927C-724AB854E322}) (Version: 1.6.2.36 - Corel Corporation) Hidden
VSPro (HKLM\...\{F206FEC3-F5DD-43FD-A8CF-9C46B8A6A92C}) (Version: 1.6.2.36 - Corel Corporation) Hidden
Winamp (HKLM\...\Winamp) (Version: 5.8 - Winamp SA)
Winamp Detector Plug-in (HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version: - )
Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinPDFEditor V2.0.1 (HKLM\...\WinPDFEditor_is1) (Version: - hxxp://www.WinPDFEditor.com)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 12.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}) (Version: 12.0.8252 - WinZip Computing, S.L. )
Wise Duplicate Finder 1.3.1 (HKLM\...\Wise Duplicate Finder_is1) (Version: 1.3.1 - WiseCleaner.com, Inc.)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM\...\x264vfw) (Version: - )
XnView 2.42 (HKLM\...\XnView_is1) (Version: 2.42 - Gougelet Pierre-e)
Xvid MPEG-4 Video Codec (HKLM\...\Xvid_is1) (Version: - )
YTD (pepak) (HKLM\...\YTD_Pepak) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{0099CFA7-40DE-9D9D-D707-5FFE2B2650F9}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{04411138-2A90-5B8C-B564-CD8AB21F2F63}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{0884B82D-BCEF-B184-2CA3-A699C29A777B}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{09BEBC5B-7AE6-BF07-3D8E-374A1D003178}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{0ADB5C42-8CB2-DD35-E7F5-5D3250E2D19D}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{0E3A2831-F34B-311D-1F2C-51669957B3D9}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{0E77E023-248B-ECF5-00AA-EB80BD24A918}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{0F3E2C62-94E2-A6AF-EFEF-488244D2C350}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{10AD2F0E-24D7-4F3B-9527-DC122779BEE8}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{1761BAD7-545D-1E26-62BA-9ED9E3129390}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{1992A01B-977E-30D7-CD11-95937AFEBB64}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{1BD9F7BD-00B8-A273-AE79-C7DF8953E2B8}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{209128F5-71C6-205D-7037-7EA3985CEDFF}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{2105A579-1F02-E681-1950-1E7CCE2C299A}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{210F070D-53AA-CAC9-0BF9-82F88AC4632E}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{2139E5B7-3241-FC3A-0B6C-4FB71D7D7646}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{21A90043-CB5B-04F7-09D9-0CE8529B9481}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{23872B08-F8C8-5BA1-3706-F7CEA839596C}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{24A74811-718F-4FCE-225F-B8D2CFC48EDE}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Program Files\AutoCAD 2007\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{2A1BE986-CFF9-2B5F-E0C3-84CF44F09EFC}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{2DE43ED5-AF0D-4285-97E8-EC5ACEA34D1F}\InprocServer32 -> C:\Users\MM\AppData\Local\Dropbox\Update\1.3.141.1\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{2E949038-8103-C652-C06F-3E520A8AD344}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{2F018727-00DE-0891-E8FA-2B1D60C0C7E3}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\MM\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{34B3EA24-BDB0-AF97-CFCF-20DCEB20ECFC}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{35C807A3-6024-5F29-0ADF-5EEB2011B3C7}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{3C5857B4-6BA3-23B9-4CD9-C28998672DC9}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{3E0C1902-4A51-8497-57EA-D62089C33826}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{449354E9-CDD8-4A11-BD82-0D4A3C21E7D2}\localserver32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\nCad.exe (ZAO Nanosoft)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{449CFB1B-1C07-48EA-9A9A-7A7881C2B49B}\InprocServer32 -> C:\Users\MM\AppData\Local\Dropbox\Update\1.3.59.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{4735EDE0-F8F7-40F4-BA07-74E8E4008729}\InprocServer32 -> C:\Users\MM\AppData\Local\Dropbox\Update\1.3.127.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{473D92C5-4A50-E6DB-B302-25676FC8CEF4}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{4BCF72DA-684E-5A64-A0E8-2F5597EB918A}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{4EEB678D-4605-914D-347A-4EF22C3D954B}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{51E98CE2-AF9F-4F9D-5EDB-9DA5486F5DF6}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{529FD314-ED7E-9058-8CA8-B959396BA57A}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{58A4EBCA-52B9-3F3D-71B0-60226A6FD4A7}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{5D02CD29-A2EE-2B02-B47B-067757CB2565}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{5E44874E-68AB-515A-5E71-22E33F9CE064}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{5F8A3072-41D2-7164-E1AB-BA65E32B2EDD}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{5FB36537-9B3C-6CFB-D515-3DE104240753}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{6142F40B-76F6-9DE0-A2D5-CA6FBC9DF960}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{615BA1EB-1CCA-948B-AAC4-56D5690F4B3C}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{61FDB5BC-6D47-7B88-62CC-7DC08311B39D}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{64D548CF-0D83-34A7-54A4-AC4429C26C73}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{65933717-4D32-5CBB-0037-F5E75AC4D7C7}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{6A37D228-6D7D-5CF7-69BF-01951F547EBF}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{6C99CC47-9EA3-328E-B24D-837C19A33AD4}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{6CFB62AA-9D5C-EFD5-A37D-6D1E7AFBAEB3}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{6d05bf60-3eaf-4a97-87c5-10cce505435b}\localserver32 -> C:\Users\MM\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.NonElevated.exe => No File
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{6E210260-4389-512F-2454-0BCC2A32F68D}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{6E852F1D-53EA-E0F3-F137-435A55233594}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{7135B2E1-D078-8CCA-E845-312B1412EA53}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{71B10F0A-DE60-1D5A-06C2-5E30420425ED}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{78A6AC9A-3070-9ED6-29D2-5AE4C2DE7B3F}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{79A8636B-7B98-EDC2-0C44-6F7E39DD6868}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{7A59699F-EA33-6D20-2291-C292F7EFD244}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Program Files\AutoCAD 2007\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{7B6A1858-E547-3187-9CC1-C91ECDF644FD}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{7C95469D-367E-F10D-93E9-05C7FA6E50AD}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{7EA2FC0E-D5C8-F83A-B584-C4811D0B1300}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{7EDCD7E5-E2B0-D35E-31A2-55643393857A}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{81AF0F32-3D60-AE3F-506D-02DB3884C0DE}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{83A37DC5-310D-3F4F-5A26-CCF8F402F1AB}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{867FA47E-79EC-1BCF-94A0-DE4E6269F474}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{86CF96D8-F275-4791-B669-D50577FC157D}\InprocServer32 -> C:\Users\MM\AppData\Local\Dropbox\Update\1.3.75.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{873B53D6-E4FA-BF1B-164D-936082305719}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{8742C155-05EA-3DCC-9F1C-F8E5D8078C3D}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\MM\AppData\Local\Dropbox\Update\1.3.141.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{89628CCA-1B1A-1C61-70C0-FA8B941ACC08}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{8C15B215-08EF-A6B9-072B-893B3DB93B72}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{8D79DAC4-BC7B-9EF9-E4E9-22D914242211}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{9062396A-8EAA-BE8A-2114-126FFF8A755D}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{910B3874-1DC9-054D-A662-54206261C9A3}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{91AD5D5F-7148-FA24-D8BA-285E98FBF34D}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{924D8ADA-3D35-08EA-C26E-77B4A046002F}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{92ACF168-5B66-15C4-3BD6-52668EAA751C}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{9AA9CBF2-9967-5CD8-650F-6272187DCB7B}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{9BAD416A-3107-E2EF-C9D1-3AB4A4625D16}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{9CB2A27F-F39D-D869-B736-05C64AE1BC73}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{9DE8E9C1-4B2F-6417-D95F-789641BFC94F}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\MM\AppData\Local\Dropbox\Update\1.3.141.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{9FDE4061-3B67-0283-DFF8-17D6722ABB01}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{A1783B66-0972-E760-B086-B4C93F834A97}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{A44AB5E0-40DC-5438-5623-DA019CABA56E}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{A7461C49-B122-2FA5-B6CF-5F023091356D}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{AFFD1D06-04B2-B9B8-A9FA-B5807A179F2C}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{B2B539E6-BE3D-3BD8-6472-6CEA00208E69}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{B5EB0446-4CEA-6744-1E14-546FEBDA9C5A}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{B77FE1AF-94A8-2F97-12FE-A87825335B45}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{B781DBA9-CAFE-610D-EB3A-B362BF412BC7}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{BA4F7AA3-CAAD-62CE-3BFC-48A46B8891D5}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{BD4BB03D-5295-6188-D36F-16680A07920E}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\MM\AppData\Local\Dropbox\Update\1.3.141.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\MM\AppData\Local\Dropbox\Update\1.3.141.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{C4C34861-D306-93D5-B30F-A7F0D42D2D69}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{C591D97F-8486-AC2B-58ED-543546E9F184}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{C5EF8042-F768-BC19-D49A-541FD118ADFE}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{CBDEFAAC-70DA-8F2E-2F07-6B17A939A2A5}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{CD360D2D-595C-87CF-37F5-815AD591DBC4}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{CDBCA1D2-C8A7-A052-6D26-774DC3DCFFFC}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{CE7A9202-B9E3-C5A7-C144-6731A660A5EC}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{D14F72D1-28A3-6A2E-A919-AF69B0E958B1}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{D1F5A6BC-B25B-4319-7501-8B56EFABD41D}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{D374F580-6AA7-5B04-B04D-22F55A38A1D9}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{D6FD15CA-7D04-3583-AD7D-E1454C6A04F8}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{D7284C75-802A-9C84-37ED-97991FFF2869}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{D7DB5A07-56E3-6D0D-EFCB-8BB39E57FDC0}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{DA35FC02-3B39-0965-A945-30C0A3D1910B}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{DAEDDF77-A975-3A67-4613-54A4365D5316}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{DD726CE9-69C8-3FF5-D897-84A1A3DE4E56}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{DE5085CD-0509-D588-3CF1-5BF9E64F60AE}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{DF1B703C-87EF-6650-A399-188CA41C6244}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{E17B459E-3157-9A6A-3EF1-D41F3B109F00}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2007\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{E59856CF-4604-A2AB-C809-72F9E0822B6D}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{E6B585EC-7147-23FA-F964-8B0BA659DC76}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{E7D81C3F-2283-80AF-F00D-32AAF57167A3}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{E9A74089-7508-1598-B918-3CA107BACB1B}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{EA666C34-165C-08AA-7E23-76799C3EFFF9}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{EC0F6A3A-7212-111C-3B18-8AAB9154F340}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{EDDB87CA-E44B-ECDC-F75E-F702179CF804}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{F441B67E-6438-F1A3-F6C3-1040BE5D80CA}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{F7749E6D-4338-12A1-168E-3E3E16ED004D}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{F777A613-7EEB-F594-0C06-591F125C7759}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\MM\AppData\Local\Dropbox\Update\1.3.141.1\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FEDB3A72-8276-586C-ECA4-69D898B9072C}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FF6A239C-37E6-5036-4FCD-ACFDB122933E}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2006-03-05] (Autodesk)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files\Common Files\Autodesk shared\dwf common\DWFShellExtension.dll [2005-11-15] (Autodesk, Inc.)
ContextMenuHandlers1: [cm_32bit] -> {D84432AF-3514-45a1-BD9C-1D6767EACD2E} => c:\program files\cmcm\Clean Master\cmmenu.dll [2018-12-04] (Cheetah Mobile,Inc.)
ContextMenuHandlers1: [FineReader9ContextMenu] -> {59A3380E-5305-4cea-BD99-4F2FF510C91F} => C:\Program Files\ABBYY FineReader 9.0\FRIntegration.dll [2007-12-07] (ABBYY Software Ltd)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams.dll [2015-04-26] (Apple Inc.)
ContextMenuHandlers1: [SodaPDFExtension] -> {A0F0A29A-1D9A-4FF8-AB02-42698B04534C} => C:\Program Files\Soda PDF 5\ContextMenuExt.dll [2013-01-25] (LULU Software)
ContextMenuHandlers1: [SonicPDF.ShellExt] -> {70666C04-8490-4B85-96C6-D87C52E6F451} => C:\Program Files\Investintech.com Inc\Sonic PDF Creator\3.0\itSONShellExt.dll [2014-06-23] (Investintech.com Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers2: [cm_32bit] -> {D84432AF-3514-45a1-BD9C-1D6767EACD2E} => c:\program files\cmcm\Clean Master\cmmenu.dll [2018-12-04] (Cheetah Mobile,Inc.)
ContextMenuHandlers2: [Ulead UDF Driver] -> {DBD8E168-244D-448C-9922-25508950D1DC} => c:\Program Files\Common Files\Ulead Systems\DVD\USIShex.dll [2010-05-17] (Ulead Systems, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [cm_32bit] -> {D84432AF-3514-45a1-BD9C-1D6767EACD2E} => c:\program files\cmcm\Clean Master\cmmenu.dll [2018-12-04] (Cheetah Mobile,Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers5: [cm_32bit] -> {D84432AF-3514-45a1-BD9C-1D6767EACD2E} => c:\program files\cmcm\Clean Master\cmmenu.dll [2018-12-04] (Cheetah Mobile,Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [FMMenuExt] -> {47C91696-894C-46A1-B196-2C7CA1952F45} => C:\Program Files\Folder Marker\ShellExt.dll [2011-02-21] (ArcticLine Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1107837428-173974533-547177936-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-1107837428-173974533-547177936-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-1107837428-173974533-547177936-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll [2019-01-22] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01ED3DE4-15E3-4C9B-B3DE-96DA2A0D355F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {0712D985-FE50-4453-B711-9D787D886FEE} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {07179D13-E66C-46EF-B110-08146447A745} - System32\Tasks\{8F2614C1-3FFC-494C-BC47-D86A387D14E8} => D:\Moto assistant\moto_assistant.exe
Task: {071AF25E-B60B-4FCA-8981-25D12B236763} - System32\Tasks\Wise Turbo Checker => C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe
Task: {07D157A6-F2A9-4817-9032-EF93B041B640} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-25] (Microsoft Corporation)
Task: {0A08A316-66F2-4AA5-ADBF-E2438F3D0413} - System32\Tasks\iFreeUp_SkipUac_MM => C:\Program Files\IObit\iFreeUp\iFreeUp.exe [2016-09-30] (IObit)
Task: {1318318C-B062-4104-B502-00C5EC64EB1B} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1D1A9997-EBAB-40FB-AC0F-5178079738CE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2019-01-10] (Piriform Software Ltd)
Task: {1FACA2EA-3A11-474F-9EBC-8D91D7C5572A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {1FE28DED-329D-4F65-977E-DE59183223D5} - System32\Tasks\0 => c:\program files\internet explorer\iexplore.exe <==== ATTENTION
Task: {208CA118-8788-49EB-B846-3EFBF2CFD43A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1107837428-173974533-547177936-1000UA1d23700d63cd2e5 => C:\Users\MM\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {219160E8-9BC2-4C75-A32D-5E7F45EB300F} - System32\Tasks\{F4E84B67-15CC-4DBE-9631-D6B35D4011DA} => D:\Moto assistant\moto_assistant.exe
Task: {2364558B-67A7-4298-B5D3-3F6FB52D3F91} - System32\Tasks\{3AB31FA7-CE4F-4D65-8517-DE35CEA7E3DD} => C:\Program Files\Nero\Nero8\Nero StartSmart\NeroStartSmart.exe
Task: {25A498BD-8098-49DC-870B-3613C5B94F05} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {27989409-20A1-43B9-BD99-961FDBF324A6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-25] (Microsoft Corporation)
Task: {2CBCF887-D1AB-4D15-85AA-4A73E5155C7C} - System32\Tasks\FastVD_UpdateSchedule => C:\Program Files\FastPcTools\Fast VD\FastVD.exe [2019-01-22] (FastPcTools)
Task: {2DCC3557-789E-4D24-9A6D-B60D854D9F67} - System32\Tasks\{8FF442D8-7B89-4DD7-947A-7FFE80B34223} => C:\Program Files\YTD\ytd.exe [2017-02-18] (Pepak)
Task: {2FE4A017-FE2F-4D00-9B8B-2CBD0F075A82} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {31B00E04-DDD9-4E54-AC62-C01C4CDA2198} - System32\Tasks\{536ADA85-2327-4875-816E-2FC301FCC930} => D:\Moto assistant\moto_assistant.exe
Task: {33452792-50BF-4969-AAFD-25FA918E5CC0} - System32\Tasks\{BCD55362-CA17-4697-9E37-2F82DD989112} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {351B558B-8867-4BBA-B6CC-86E3132CAA42} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {42EF8D36-E395-43F5-A917-F2E7E58807A7} - System32\Tasks\{04F80CDE-96C0-4E7C-BC06-D55B3DF87646} => D:\Moto assistant\moto_assistant.exe
Task: {460E75F3-CAB2-4030-9B9D-6D771A5C725D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {46316DF1-49AE-4757-B3F2-9CA570630CE5} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {481E93A2-BA19-41F3-8DE9-D341D1F3CAF1} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {48E5913B-1814-4107-93FE-76B6C1B776F6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {51BBDED5-0944-459A-B88E-D5700EB7E934} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {58E10C5E-B5DA-4A19-8169-46B96C322ABF} - System32\Tasks\{BE11830D-5D39-4883-94CE-41DB18416871} => C:\WINDOWS\system32\pcalua.exe -a E:\RUN.EXE -d E:\
Task: {602BC834-5E89-4C76-90EE-5A8BA36066C2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {615C78BA-B0D6-4DE1-B0AD-80215B2731EE} - System32\Tasks\{538C4725-558A-4E9C-9854-9D7A0A28C8DB} => D:\Moto assistant\moto_assistant.exe
Task: {67328526-A8A1-40E9-A96A-D19C56389274} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {6D76744C-87A8-4A4C-840D-C23B897F45E9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {6EF66273-B9FC-4353-BB94-43D4D781FCD0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {79959071-1690-4155-A20B-2BB5E9AA8FFE} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7DB71736-E456-4692-895E-9C980141987E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7F5D07C7-45DA-4443-9CF6-6BAC5D94D9E4} - System32\Tasks\{CEA3E276-9CDF-4969-BF1F-E8FCF2D65B76} => C:\Program Files\YTD\ytd.exe [2017-02-18] (Pepak)
Task: {80DDDB1D-4A16-4EBE-9CBC-891540C68512} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8467253F-659D-4A0B-83A8-BC5C706A525F} - System32\Tasks\{D10ED8DF-AD18-48B8-9337-68AD77E32E25} => D:\Moto assistant\moto_assistant.exe
Task: {85A9D872-23BA-487A-AB36-371AD6A8C2EA} - System32\Tasks\Opera scheduled Autoupdate 1439041970 => C:\Program Files\Opera\launcher.exe
Task: {88E54489-E1BD-42E0-A2A6-5424B7DAB037} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2019-01-14] ()
Task: {8D3D8817-9BEA-47F2-B9D9-A51A1B335527} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {90102B4B-34D2-4533-9ACB-D277DA1B6176} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {90620059-8266-45FF-BBF4-F131B1440849} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1107837428-173974533-547177936-1000Core1d23700d5e5af58 => C:\Users\MM\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {942E6BD6-F24D-4B48-8A54-17F678296A5F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {98F7DE2E-5797-45E9-91AA-A699EEAE8199} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {9992BC0B-20A5-4BF8-A6FB-92845CA04CAC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-01-10] (Piriform Ltd)
Task: {A410964E-C191-481B-950C-C6D7EC370646} - System32\Tasks\{D090E77D-BDE5-4445-8E79-9EA5C9ED3BF9} => C:\Program Files\CyberLink\PowerDirector12\PDR12.exe
Task: {A7065E4A-C932-4CA7-809D-67E9AA27C425} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B4BE7187-A7DE-41C0-9194-09F9D119D65F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B7AEFC48-709B-4B54-91E9-EA21D4D01BC1} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BCF0BAA4-BF12-4602-870A-947E9545E3D1} - System32\Tasks\{33FC4677-F90D-49E3-90AB-108286B51A8F} => C:\Windows\system32\pcalua.exe -a C:\Users\MM\Downloads\Nokia_PC_Suite_ALL.exe -d C:\Users\MM\Downloads
Task: {BD939D5C-46FE-4024-938B-FBDB4A01F755} - System32\Tasks\{63821440-5E8F-4395-8239-7A7F4AAE0088} => D:\Moto assistant\moto_assistant.exe
Task: {C11CC6AA-4AA1-4D19-9D75-CEA408C1B5FE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2019-01-28] (AVAST Software)
Task: {C213EF7B-5958-4F69-B15B-D4F929D4FE7C} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {CA23E944-C3CD-43B3-8882-00821F191CB1} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {CBA7F6FB-5D82-4F34-A776-69F0AA1A9348} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {D137E099-C1FD-42CD-AE69-A58F552B88A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-25] (Microsoft Corporation)
Task: {D2280D07-2B86-4F16-A5E5-8A82BCADA511} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {D3259BE8-390F-42C5-9818-D65F9269A5A7} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D82A1300-82C9-4D9E-8452-1E50B0DC0618} - System32\Tasks\{B5E11160-18DD-4831-A4B3-6AE0485CCDA3} => D:\Moto assistant\moto_assistant.exe
Task: {DA98BE3E-43AB-43EB-BC31-D6202F57DD7D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-25] (Microsoft Corporation)
Task: {DADF6054-162D-4FA1-869C-4134956ADA57} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DBCD14AF-8B32-4C20-86F8-5548FE42D806} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DF17705F-16E4-4E4F-BFCF-F3C2A89DC726} - \Torntv 2-updater -> No File <==== ATTENTION
Task: {E060CDEE-2E00-4A30-9A01-40889EC9471A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E2DE0780-D289-4DFC-93F5-E8D9FF5EABF2} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E60E28F6-5C44-4C15-9199-68C5186160FB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F23D08D4-CAF9-4EE5-8AA8-E359CDCC5A4B} - System32\Tasks\{26226D52-E207-422E-8EE0-6B13AC05E33A} => D:\Moto assistant\moto_assistant.exe
Task: {F89F8646-382D-4BF3-BDD8-18D1285A480A} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FA4677CD-F9EC-47DC-9C8A-DC71D2EEC9A3} - System32\Tasks\{84F07497-72BB-41B9-92BA-11DAEC4BC5E6} => C:\Windows\system32\pcalua.exe -a E:\Data\Install\mapsource\MapSource_6156.exe -d E:\Data\Install\mapsource

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1107837428-173974533-547177936-1000Core1d23700d5e5af58.job => C:\Users\MM\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1107837428-173974533-547177936-1000UA1d23700d63cd2e5.job => C:\Users\MM\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\Wise Turbo Checker.job => C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":
WMI:subscription\__EventFilter->BVTFilter:
WMI:subscription\CommandLineEventConsumer->BVTConsumer:

Shortcut: C:\Users\MM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com
Shortcut: C:\Users\MM\AppData\Roaming\Microsoft\Windows\Network Shortcuts\www.emcos.cz\target.lnk -> hxxp://www.emcos.c
Shortcut: C:\Users\MM\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Webové servery ve službě MSN\target.lnk -> hxxp://www.msnusers.co

==================== Loaded Modules (Whitelisted) ==============

2016-10-25 21:57 - 2009-07-31 02:44 - 000176235 _____ () C:\WINDOWS\System32\Primomonnt.dll
2018-05-12 19:38 - 2014-10-16 09:26 - 000622880 _____ () C:\Program Files\IObit\LiveUpdate\ProductStatistics.dll
2015-02-04 17:41 - 2014-08-22 09:16 - 000942576 _____ () C:\Program Files\Common Files\Appkeys\yytool.exe
2017-12-08 01:49 - 2017-12-08 01:49 - 000076088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-06-23 05:56 - 2018-06-23 05:56 - 001042232 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-12-18 09:57 - 2016-10-27 12:13 - 000114664 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-12-18 09:58 - 2016-10-27 12:13 - 000024040 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-12-18 09:58 - 2016-10-27 12:13 - 000048104 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-12-18 09:58 - 2016-10-27 12:13 - 000108008 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-03-18 06:41 - 2016-03-18 06:41 - 000248840 _____ () C:\Program Files\Synology\Assistant\UsbClientService.exe
2018-04-11 21:29 - 2018-04-11 21:29 - 000364200 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-05-12 19:38 - 2013-01-15 17:48 - 000348992 _____ () C:\Program Files\IObit\iFreeUp\madExcept_.bpl
2018-05-12 19:38 - 2013-01-15 17:48 - 000183616 _____ () C:\Program Files\IObit\iFreeUp\madBasic_.bpl
2018-05-12 19:38 - 2013-01-15 17:48 - 000051008 _____ () C:\Program Files\IObit\iFreeUp\madDisAsm_.bpl
2018-05-12 19:38 - 2015-07-29 13:12 - 000561952 _____ () C:\Program Files\IObit\iFreeUp\SQLite3.dll
2018-04-11 21:29 - 2018-04-11 21:29 - 000308224 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-02 16:36 - 2018-11-09 02:26 - 001671168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-01-28 08:25 - 2019-01-09 06:22 - 001609216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-06 01:02 - 2018-07-06 01:02 - 000076088 _____ () C:\Program Files\iTunes\zlib1.dll
2018-07-06 01:02 - 2018-07-06 01:02 - 001042232 _____ () C:\Program Files\iTunes\libxml2.dll
2016-09-26 09:47 - 2011-08-09 14:22 - 000450560 _____ () C:\Program Files\OLYMPUS\OLYMPUS Viewer 3\OSLite.dll
2016-09-26 09:47 - 2016-08-26 15:41 - 000014848 _____ () C:\Program Files\OLYMPUS\OLYMPUS Viewer 3\Tracer.dll
2016-09-26 09:47 - 2016-05-31 09:41 - 000122880 _____ () C:\Program Files\OLYMPUS\OLYMPUS Viewer 3\OlyPalm.dll
2019-01-10 11:01 - 2019-01-10 11:01 - 000093648 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2019-01-23 21:39 - 2019-01-22 14:14 - 001213768 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2019-01-23 21:39 - 2019-01-22 14:14 - 002103112 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\dropbox_crashpad.dll
2019-01-09 07:30 - 2019-01-22 14:16 - 000023376 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\tornado.speedups.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000025456 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000148968 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\_cffi_backend.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 001878888 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000025960 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:14 - 000118232 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\pywintypes36.dll
2019-01-09 07:30 - 2019-01-22 14:14 - 000109024 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32api.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000082760 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\fastpath.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:14 - 000418776 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\pythoncom36.dll
2019-01-23 21:39 - 2019-01-22 14:15 - 000074072 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000027616 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32event.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000049128 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32process.cp36-win32.pyd
2019-01-09 07:30 - 2019-01-22 14:14 - 000026600 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32clipboard.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000131552 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32file.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000182752 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32gui.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000027616 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32pipe.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000119272 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32security.cp36-win32.pyd
2019-01-09 07:30 - 2019-01-22 14:16 - 000401752 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32com.shell.shell.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000028640 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32job.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:16 - 000034664 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:17 - 000062304 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winshell.compiled._winshell.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:14 - 000023520 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\mmapfile.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 001457488 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\dbxlog._dbxlog.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000027488 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\crashpad.compiled._Crashpad.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000053736 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32service.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000065504 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32evtlog.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000025944 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:16 - 000068968 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winenumhandles.compiled._WinEnumHandles.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:17 - 000028520 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000032224 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32ts.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 001755472 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000101200 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt592.sip.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 001885520 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000523600 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 003755344 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000061408 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32print.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000169304 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000061784 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineCore.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000042840 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000202584 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000117584 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000214872 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000099664 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtWinExtras.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:17 - 000029544 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winffi.shell32.compiled._winffi_shell32.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:17 - 000028008 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:17 - 000033632 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winreindex.compiled._winreindex.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000027624 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32profile.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:16 - 000025960 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:17 - 000025448 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:17 - 000025960 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000031600 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000486880 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winxpgui.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:17 - 000051552 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:17 - 000029040 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 011941712 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\nucleus_python.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000029024 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:14 - 000036312 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\librsync.dll
2019-01-23 21:39 - 2019-01-22 14:15 - 000036712 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000272208 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2019-01-09 07:31 - 2019-01-22 14:16 - 000025960 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winffi.advapi32.compiled._winffi_advapi32.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000433992 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2019-01-09 07:31 - 2019-01-22 14:16 - 000038240 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\wind3d11.compiled._wind3d11.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000026432 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\libEGL.DLL
2019-01-23 21:39 - 2019-01-22 14:15 - 001967936 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2019-01-09 07:31 - 2019-01-22 14:16 - 000095592 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:17 - 000025960 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winffi.shcore.compiled._winffi_shcore.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000054096 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngine.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:17 - 000029544 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:16 - 000025448 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winffi.gdi32.compiled._winffi_gdi32.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000557392 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000335184 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.cp36-win32.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:5F64C164 [246]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1107837428-173974533-547177936-1000\Software\Classes\.scr: AutoCADScriptFile =>

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2013-11-02 08:39 - 000000098 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\7-Zip;C:\Program Files\Calibre2\;c:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\Leawo\Youtube Download;C:\Program Files\Windows Live\Shared;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1107837428-173974533-547177936-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: HlidacKatastru => C:\Program Files\Hlídač katastru\DRM.WinKlient.exe -h
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\StartupApproved\Run: => "FastVD"
HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\StartupApproved\Run: => "GarminExpress"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0E339DC1-B468-41C4-BD82-30F54B65EA6D}] => (Allow) C:\Program Files\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft)
FirewallRules: [{99331D34-DD80-4929-A43F-B221B5DC4AC6}] => (Allow) C:\Program Files\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft)
FirewallRules: [UDP Query User{D29F35AC-8CB8-4A8A-B257-D42A3688B4BB}C:\program files\apowersoft\apowersoft phone manager\apowersoft phone manager.exe] => (Allow) C:\program files\apowersoft\apowersoft phone manager\apowersoft phone manager.exe (Apowersoft)
FirewallRules: [TCP Query User{E055B640-242E-431A-A153-E325AF746A60}C:\program files\apowersoft\apowersoft phone manager\apowersoft phone manager.exe] => (Allow) C:\program files\apowersoft\apowersoft phone manager\apowersoft phone manager.exe (Apowersoft)
FirewallRules: [UDP Query User{4A1500E3-5667-498B-8D43-B6489FFE0A69}C:\program files\cobian backup 11\cbremotemanager.exe] => (Block) C:\program files\cobian backup 11\cbremotemanager.exe (Luis Cobian, CobianSoft)
FirewallRules: [TCP Query User{40E037D7-6F2B-4189-9BE7-E37F1E2DB346}C:\program files\cobian backup 11\cbremotemanager.exe] => (Block) C:\program files\cobian backup 11\cbremotemanager.exe (Luis Cobian, CobianSoft)
FirewallRules: [{8343F31A-BC8F-4C83-B857-E2FB040DBE3F}] => (Block) C:\program files\synology\assistant\dsassistant.exe ()
FirewallRules: [{AED0E5FA-71B1-4E22-928B-E9D247E7B95E}] => (Block) C:\program files\synology\assistant\dsassistant.exe ()
FirewallRules: [UDP Query User{5DE9AB23-5DE3-4A66-B853-CC67D70BD9AD}C:\program files\synology\assistant\dsassistant.exe] => (Allow) C:\program files\synology\assistant\dsassistant.exe ()
FirewallRules: [TCP Query User{41279818-49EE-4195-A01D-3F257F5C7EE4}C:\program files\synology\assistant\dsassistant.exe] => (Allow) C:\program files\synology\assistant\dsassistant.exe ()
FirewallRules: [{E7F08B04-7434-4DA7-B100-79A0DB9F8920}] => (Allow) C:\Program Files\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time)
FirewallRules: [{8B772970-C882-4226-858D-1017B18CA9AA}] => (Allow) C:\Program Files\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time)
FirewallRules: [{BE8ED0EF-4D3F-4606-BA34-B6D0F061C69A}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.)
FirewallRules: [{091EFB90-4805-4B11-9AB3-AA75F3869E4B}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd.)
FirewallRules: [{6017979C-D4CB-48A1-9277-17695A94E891}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd.)
FirewallRules: [{B126D26E-619C-4F7B-AC0D-C8C91A031072}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.)
FirewallRules: [{E38E73B7-FCDF-426B-95AC-CB226E197597}] => (Allow) LPort=1900
FirewallRules: [{02A879B1-E36E-43EA-8678-90ED146589E2}] => (Allow) LPort=2869
FirewallRules: [{F48C6EF3-4CD4-45AE-879B-32BD60FF986D}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
FirewallRules: [{1FAA4430-FABA-42CD-8EB3-61F10AA24234}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{005F165C-79A5-4ADF-A049-0098A021C0F9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{4EF9BDFF-FBC5-4BD8-BC7F-3000E42DB49D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{9D61517A-6703-4F4F-A919-6F3C5FE08979}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{DDA36739-C154-4DD8-8910-55B06D0EE5B0}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe (Nokia)
FirewallRules: [UDP Query User{B5F3F141-24E0-4E6B-A305-478FEBDD291A}C:\users\mm\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\mm\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc.)
FirewallRules: [TCP Query User{A614E994-D491-47FB-99A2-2A44A078A47D}C:\users\mm\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\mm\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc.)
FirewallRules: [UDP Query User{C079928A-0D89-45A1-BD12-D24D5BEEA92F}C:\program files\leawo\video converter ultimate\loadingscreen.exe] => (Allow) C:\program files\leawo\video converter ultimate\loadingscreen.exe (Leawo Software)
FirewallRules: [TCP Query User{0B0A1F00-8D12-4EDE-BB1D-C29968365323}C:\program files\leawo\video converter ultimate\loadingscreen.exe] => (Allow) C:\program files\leawo\video converter ultimate\loadingscreen.exe (Leawo Software)
FirewallRules: [UDP Query User{1D79CE16-946C-4419-A042-D68A9E01BC4B}C:\program files\common files\nokia\fuse\fuse.exe] => (Allow) C:\program files\common files\nokia\fuse\fuse.exe No File
FirewallRules: [TCP Query User{7F1D6150-4650-4E73-9847-30E2B605CF1F}C:\program files\common files\nokia\fuse\fuse.exe] => (Allow) C:\program files\common files\nokia\fuse\fuse.exe No File
FirewallRules: [UDP Query User{BF71FF11-137A-44ED-9458-8D5DA7D18065}C:\program files\common files\nokia\fuse\fuseservice.exe] => (Allow) C:\program files\common files\nokia\fuse\fuseservice.exe No File
FirewallRules: [TCP Query User{3FA63A09-2A5C-4372-9EEA-AA5677204284}C:\program files\common files\nokia\fuse\fuseservice.exe] => (Allow) C:\program files\common files\nokia\fuse\fuseservice.exe No File
FirewallRules: [{D7177E80-BC81-4E55-A86D-2E21E2F4CE80}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe (Nokia)
FirewallRules: [{368B0482-E029-4D92-8484-48F029003E25}] => (Allow) C:\Program Files\Winamp\winamp.exe (Winamp SA)
FirewallRules: [{E29EEBEC-8F47-4118-891A-9FB9D8994B4A}] => (Allow) C:\Program Files\Winamp\winamp.exe (Winamp SA)
FirewallRules: [{E8FEFB77-3861-4193-8935-D8BD0FCD4A29}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
FirewallRules: [{4031D7B6-4280-4598-B337-AC3717D6B613}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
FirewallRules: [UDP Query User{D8F6E4E1-FE78-4E29-B75D-28277C542EE4}C:\totalcmd\totalcmd.exe] => (Block) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH)
FirewallRules: [TCP Query User{7A600E21-C74D-40FB-B6E1-FC2D4FC9D162}C:\totalcmd\totalcmd.exe] => (Block) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH)
FirewallRules: [{E408802B-6D44-49B6-BCF3-2FA63088C31B}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe (Nokia)
FirewallRules: [{D015FA8F-C43E-4D5D-8E26-C782B01C069C}] => (Allow) C:\Users\MM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
FirewallRules: [{E9E8DE2D-76A8-40E9-8A6F-5D9AF0C68925}] => (Allow) C:\Users\MM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
FirewallRules: [{D8921C04-31F4-446D-8CD8-89D86FC04EE6}] => (Allow) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
FirewallRules: [{B2D2F422-90E5-4974-8FA2-60170613AC04}] => (Allow) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
FirewallRules: [{1A692052-A7B2-46C7-95AD-20F7B746F60E}] => (Allow) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
FirewallRules: [{E46FDE2C-35F0-4838-A6A6-0F379F7C5AAE}] => (Allow) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
FirewallRules: [UDP Query User{76999890-ED78-4F20-8D67-C214BCCEA2EC}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe (Winamp SA)
FirewallRules: [TCP Query User{56104883-A540-47B1-8130-FD2BEAFD9062}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe (Winamp SA)
FirewallRules: [{E6ED5A8F-2A55-40E4-8041-4F62A7048956}] => (Allow) C:\Program Files\Scanitto Pro\scanittopro.exe (Masters ITC Software)
FirewallRules: [{D2FF3C48-6181-4702-A0E1-175D6892795B}] => (Allow) C:\Program Files\Scanitto Pro\scanittopro.exe (Masters ITC Software)
FirewallRules: [{7720ECB6-06BD-4231-9101-CFC462D60CF4}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
FirewallRules: [{19CFD158-DE51-4190-AF07-BE2321C832B5}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
FirewallRules: [{CEEBEE20-51BC-475F-BE7D-1E0D1AB2EB3D}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{65D032D7-1295-4F5A-B1AE-B3FB1098348D}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{4526A5E5-0BA6-4D58-908A-ADF737B9541A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{1CBCEC77-0A61-425F-B841-5FD01164642D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{00D7B94D-FE6A-4CBC-BA10-C11302984B42}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)

==================== Restore Points =========================

28-01-2019 08:24:16 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/28/2019 02:47:03 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: MM-PC)
Description: httphttp-2147467263

Error: (01/28/2019 02:39:46 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny IMultiInterfaceEventControl::GetSubscriptions došlo k neočekávané chybě. hr= 0x80010108, Vyvolaný objekt se odpojil od svých klientů.
.

Error: (01/28/2019 02:14:09 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c172047e-44cd-4d2e-a413-4833275a588c}

Error: (01/28/2019 02:14:09 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {7e47b561-971a-46e6-96b9-696eeaa53b2a}
Název modulu pro zápis: MSMQ Writer (MSMQ)
Název instance zapisovače: MSMQ Writer (MSMQ)
ID instance modulu pro zápis: {0d75b489-182c-4d3b-b9ad-f1b99991ff14}

Error: (01/28/2019 02:13:17 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c172047e-44cd-4d2e-a413-4833275a588c}

Error: (01/28/2019 02:13:17 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {7e47b561-971a-46e6-96b9-696eeaa53b2a}
Název modulu pro zápis: MSMQ Writer (MSMQ)
Název instance zapisovače: MSMQ Writer (MSMQ)
ID instance modulu pro zápis: {0d75b489-182c-4d3b-b9ad-f1b99991ff14}

Error: (01/28/2019 02:11:51 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {7e47b561-971a-46e6-96b9-696eeaa53b2a}
Název modulu pro zápis: MSMQ Writer (MSMQ)
Název instance zapisovače: MSMQ Writer (MSMQ)
ID instance modulu pro zápis: {0d75b489-182c-4d3b-b9ad-f1b99991ff14}

Error: (01/28/2019 02:11:51 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c172047e-44cd-4d2e-a413-4833275a588c}


System errors:
=============
Error: (01/28/2019 02:45:24 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.

Error: (01/28/2019 02:44:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/28/2019 02:44:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/28/2019 02:41:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba NetTcpActivator závisí na službě NetTcpPortSharing, která neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/28/2019 02:41:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NetTcpPortSharing neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/28/2019 02:41:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby NetTcpPortSharing bylo dosaženo časového limitu (30000 ms).

Error: (01/28/2019 02:40:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba NetMsmqActivator závisí na službě WAS, která neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/28/2019 02:40:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba W3SVC závisí na službě WAS, která neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.


Windows Defender:
===================================
Date: 2019-01-25 13:13:54.098
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Detplock
ID: 2147680291
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_D:\DATA_07 Instalace\PC údržba_instal\pc-decrapifier-3.0.1.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: MM-PC\MM
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.285.113.0, AS: 1.285.113.0, NIS: 1.285.113.0
Verze modulu: AM: 1.1.15600.4, NIS: 1.1.15600.4

Date: 2019-01-12 15:02:05.631
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: BrowserModifier:Win32/Prifou
ID: 224074
Závažnost: Vysoké
Kategorie: Program měnící nastavení prohlížeče
Cesta: file:_C:\Users\MM\AppData\Local\Temp\tmp7750947\tufitede.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: MM-PC\MM
Název procesu: C:\Windows\System32\cmd.exe
Verze podpisu: AV: 1.283.2788.0, AS: 1.283.2788.0, NIS: 1.283.2788.0
Verze modulu: AM: 1.1.15500.2, NIS: 1.1.15500.2

Date: 2019-01-04 08:31:02.270
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Detplock
ID: 2147680291
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\MM\Downloads\pc-decrapifier-3.0.1.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: MM-PC\MM
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.283.2194.0, AS: 1.283.2194.0, NIS: 1.283.2194.0
Verze modulu: AM: 1.1.15500.2, NIS: 1.1.15500.2

CodeIntegrity:
===================================

Date: 2019-01-28 14:04:31.470
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-28 14:04:31.363
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-28 14:04:31.117
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-28 14:04:31.072
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-28 14:04:26.047
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-28 14:04:22.767
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-23 17:04:24.828
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\AcSignIcon.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-23 17:04:24.746
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume1\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q9300 @ 2.50GHz
Percentage of memory in use: 51%
Total physical RAM: 3326.49 MB
Available physical RAM: 1599.23 MB
Total Virtual: 6654.49 MB
Available Virtual: 4824.7 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.32 GB) (Free:191.29 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DISK) (Fixed) (Total:931.28 GB) (Free:110.87 GB) FAT32

\\?\Volume{8f4a8f4a-0000-0000-0000-805474000000}\ () (Fixed) (Total:0.44 GB) (Free:0.13 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 8F4A8F4A)
Partition 1: (Active) - (Size=465.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449 MB) - (Type=27)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 8F598F59)
Partition 1: (Active) - (Size=931.5 GB) - (Type=0C)

==================== End of Addition.txt ============================


Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 28 led 2019 16:21 
Offline
Rádce
Rádce
Uživatelský avatar

Registrován: 27 dub 2008 10:34
Příspěvky: 1614
Do poznamkoveho bloku skopirujte obsah dole:

Kód:
CloseProcesses:

(IObit) C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
(IObit) C:\Program Files\IObit\iFreeUp\iFreeUpMini.exe
C:\Program Files\IObit
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.gmx.com/start?src=p_jkld ... &p_w=y2w02
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1107837428-173974533-547177936-1000\Software\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxps://search.gmx.com/web/result?origi ... w=y2w02&q={searchTerms}
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxps://search.gmx.com/web/result?origi ... w=y2w02&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1107837428-173974533-547177936-1000 -> DefaultScope {A474C13C-4057-4FF7-8A1B-4B67CD52B1B8} URL =
FF Homepage: Mozilla\Firefox\Profiles\fkn1jbez.default-1517395260472 -> hxxps://search.gmx.com/start?src=p_jkld ... &p_w=y2w02
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor\saffplg.xpi => not found
FF HKLM\...\Firefox\Extensions: [AllMyTube@Wondershare.com] - C:\ProgramData\Wondershare\AllMyTube\AllMyTube@Wondershare.com_xpi => not found
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [No File]
U3 idsvc; no ImagePath
2013-02-07 13:22 - 2013-02-07 13:22 - 000050330 _____ () C:\Program Files\AntiDust.exe
R2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-29] (IObit)
Task: {0A08A316-66F2-4AA5-ADBF-E2438F3D0413} - System32\Tasks\iFreeUp_SkipUac_MM => C:\Program Files\IObit\iFreeUp\iFreeUp.exe [2016-09-30] (IObit)
2018-05-12 19:38 - 2014-10-16 09:26 - 000622880 _____ () C:\Program Files\IObit\LiveUpdate\ProductStatistics.dll
2018-05-12 19:38 - 2013-01-15 17:48 - 000348992 _____ () C:\Program Files\IObit\iFreeUp\madExcept_.bpl
2018-05-12 19:38 - 2013-01-15 17:48 - 000183616 _____ () C:\Program Files\IObit\iFreeUp\madBasic_.bpl
2018-05-12 19:38 - 2013-01-15 17:48 - 000051008 _____ () C:\Program Files\IObit\iFreeUp\madDisAsm_.bpl
2018-05-12 19:38 - 2015-07-29 13:12 - 000561952 _____ () C:\Program Files\IObit\iFreeUp\SQLite3.dll
Task: {0712D985-FE50-4453-B711-9D787D886FEE} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {1FE28DED-329D-4F65-977E-DE59183223D5} - System32\Tasks\0 => c:\program files\internet explorer\iexplore.exe <==== ATTENTION
Task: {25A498BD-8098-49DC-870B-3613C5B94F05} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {33452792-50BF-4969-AAFD-25FA918E5CC0} - System32\Tasks\{BCD55362-CA17-4697-9E37-2F82DD989112} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
ask: {48E5913B-1814-4107-93FE-76B6C1B776F6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {51BBDED5-0944-459A-B88E-D5700EB7E934} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {58E10C5E-B5DA-4A19-8169-46B96C322ABF} - System32\Tasks\{BE11830D-5D39-4883-94CE-41DB18416871} => C:\WINDOWS\system32\pcalua.exe -a E:\RUN.EXE -d E:\
Task: {B4BE7187-A7DE-41C0-9194-09F9D119D65F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {BCF0BAA4-BF12-4602-870A-947E9545E3D1} - System32\Tasks\{33FC4677-F90D-49E3-90AB-108286B51A8F} => C:\Windows\system32\pcalua.exe -a C:\Users\MM\Downloads\Nokia_PC_Suite_ALL.exe -d C:\Users\MM\Downloads
Task: {DF17705F-16E4-4E4F-BFCF-F3C2A89DC726} - \Torntv 2-updater -> No File <==== ATTENTION
Task: {FA4677CD-F9EC-47DC-9C8A-DC71D2EEC9A3} - System32\Tasks\{84F07497-72BB-41B9-92BA-11DAEC4BC5E6} => C:\Windows\system32\pcalua.exe -a E:\Data\Install\mapsource\MapSource_6156.exe -d E:\Data\Install\mapsource
Shortcut: C:\Users\MM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com
Shortcut: C:\Users\MM\AppData\Roaming\Microsoft\Windows\Network Shortcuts\www.emcos.cz\target.lnk -> hxxp://www.emcos.c
Shortcut: C:\Users\MM\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Webové servery ve službě MSN\target.lnk -> hxxp://www.msnusers.co
AlternateDataStreams: C:\ProgramData\Temp:5F64C164 [246]
FirewallRules: [UDP Query User{1D79CE16-946C-4419-A042-D68A9E01BC4B}C:\program files\common files\nokia\fuse\fuse.exe] => (Allow) C:\program files\common files\nokia\fuse\fuse.exe No File
FirewallRules: [TCP Query User{7F1D6150-4650-4E73-9847-30E2B605CF1F}C:\program files\common files\nokia\fuse\fuse.exe] => (Allow) C:\program files\common files\nokia\fuse\fuse.exe No File
FirewallRules: [UDP Query User{BF71FF11-137A-44ED-9458-8D5DA7D18065}C:\program files\common files\nokia\fuse\fuseservice.exe] => (Allow) C:\program files\common files\nokia\fuse\fuseservice.exe No File
FirewallRules: [TCP Query User{3FA63A09-2A5C-4372-9EEA-AA5677204284}C:\program files\common files\nokia\fuse\fuseservice.exe] => (Allow) C:\program files\common files\nokia\fuse\fuseservice.exe No File



Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.

_________________
¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.


Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 28 led 2019 17:19 
Offline
Návštěvník
Návštěvník

Registrován: 28 led 2019 13:23
Příspěvky: 12
Fix result of Farbar Recovery Scan Tool (x86) Version: 27-01-2019
Ran by MM (28-01-2019 17:11:59) Run:1
Running from C:\Users\MM\Desktop
Loaded Profiles: MM (Available Profiles: MM & DefaultAppPool)
Boot Mode: Normal

==============================================

fixlist content:
*****************
CloseProcesses:

(IObit) C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
(IObit) C:\Program Files\IObit\iFreeUp\iFreeUpMini.exe
C:\Program Files\IObit
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.gmx.com/start?src=p_jkld ... &p_w=y2w02
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1107837428-173974533-547177936-1000\Software\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxps://search.gmx.com/web/result?origi ... w=y2w02&q={searchTerms}
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxps://search.gmx.com/web/result?origi ... w=y2w02&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1107837428-173974533-547177936-1000 -> DefaultScope {A474C13C-4057-4FF7-8A1B-4B67CD52B1B8} URL =
FF Homepage: Mozilla\Firefox\Profiles\fkn1jbez.default-1517395260472 -> hxxps://search.gmx.com/start?src=p_jkld ... &p_w=y2w02
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor\saffplg.xpi => not found
FF HKLM\...\Firefox\Extensions: [AllMyTube@Wondershare.com] - C:\ProgramData\Wondershare\AllMyTube\AllMyTube@Wondershare.com_xpi => not found
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [No File]
U3 idsvc; no ImagePath
2013-02-07 13:22 - 2013-02-07 13:22 - 000050330 _____ () C:\Program Files\AntiDust.exe
R2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-29] (IObit)
Task: {0A08A316-66F2-4AA5-ADBF-E2438F3D0413} - System32\Tasks\iFreeUp_SkipUac_MM => C:\Program Files\IObit\iFreeUp\iFreeUp.exe [2016-09-30] (IObit)
2018-05-12 19:38 - 2014-10-16 09:26 - 000622880 _____ () C:\Program Files\IObit\LiveUpdate\ProductStatistics.dll
2018-05-12 19:38 - 2013-01-15 17:48 - 000348992 _____ () C:\Program Files\IObit\iFreeUp\madExcept_.bpl
2018-05-12 19:38 - 2013-01-15 17:48 - 000183616 _____ () C:\Program Files\IObit\iFreeUp\madBasic_.bpl
2018-05-12 19:38 - 2013-01-15 17:48 - 000051008 _____ () C:\Program Files\IObit\iFreeUp\madDisAsm_.bpl
2018-05-12 19:38 - 2015-07-29 13:12 - 000561952 _____ () C:\Program Files\IObit\iFreeUp\SQLite3.dll
Task: {0712D985-FE50-4453-B711-9D787D886FEE} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {1FE28DED-329D-4F65-977E-DE59183223D5} - System32\Tasks\0 => c:\program files\internet explorer\iexplore.exe <==== ATTENTION
Task: {25A498BD-8098-49DC-870B-3613C5B94F05} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {33452792-50BF-4969-AAFD-25FA918E5CC0} - System32\Tasks\{BCD55362-CA17-4697-9E37-2F82DD989112} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
ask: {48E5913B-1814-4107-93FE-76B6C1B776F6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {51BBDED5-0944-459A-B88E-D5700EB7E934} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {58E10C5E-B5DA-4A19-8169-46B96C322ABF} - System32\Tasks\{BE11830D-5D39-4883-94CE-41DB18416871} => C:\WINDOWS\system32\pcalua.exe -a E:\RUN.EXE -d E:\
Task: {B4BE7187-A7DE-41C0-9194-09F9D119D65F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {BCF0BAA4-BF12-4602-870A-947E9545E3D1} - System32\Tasks\{33FC4677-F90D-49E3-90AB-108286B51A8F} => C:\Windows\system32\pcalua.exe -a C:\Users\MM\Downloads\Nokia_PC_Suite_ALL.exe -d C:\Users\MM\Downloads
Task: {DF17705F-16E4-4E4F-BFCF-F3C2A89DC726} - \Torntv 2-updater -> No File <==== ATTENTION
Task: {FA4677CD-F9EC-47DC-9C8A-DC71D2EEC9A3} - System32\Tasks\{84F07497-72BB-41B9-92BA-11DAEC4BC5E6} => C:\Windows\system32\pcalua.exe -a E:\Data\Install\mapsource\MapSource_6156.exe -d E:\Data\Install\mapsource
Shortcut: C:\Users\MM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com
Shortcut: C:\Users\MM\AppData\Roaming\Microsoft\Windows\Network Shortcuts\www.emcos.cz\target.lnk -> hxxp://www.emcos.c
Shortcut: C:\Users\MM\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Webov� servery ve slu�b� MSN\target.lnk -> hxxp://www.msnusers.co
AlternateDataStreams: C:\ProgramData\Temp:5F64C164 [246]
FirewallRules: [UDP Query User{1D79CE16-946C-4419-A042-D68A9E01BC4B}C:\program files\common files\nokia\fuse\fuse.exe] => (Allow) C:\program files\common files\nokia\fuse\fuse.exe No File
FirewallRules: [TCP Query User{7F1D6150-4650-4E73-9847-30E2B605CF1F}C:\program files\common files\nokia\fuse\fuse.exe] => (Allow) C:\program files\common files\nokia\fuse\fuse.exe No File
FirewallRules: [UDP Query User{BF71FF11-137A-44ED-9458-8D5DA7D18065}C:\program files\common files\nokia\fuse\fuseservice.exe] => (Allow) C:\program files\common files\nokia\fuse\fuseservice.exe No File
FirewallRules: [TCP Query User{3FA63A09-2A5C-4372-9EEA-AA5677204284}C:\program files\common files\nokia\fuse\fuseservice.exe] => (Allow) C:\program files\common files\nokia\fuse\fuseservice.exe No File

*****************

Processes closed successfully.
C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe => No running process found
C:\Program Files\IObit\iFreeUp\iFreeUpMini.exe => No running process found
C:\Program Files\IObit => moved successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully.
HKLM\Software\Classes\CLSID\{503739d0-4c5e-4cfd-b3ba-d881334f0df2} => not found
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKU\S-1-5-21-1107837428-173974533-547177936-1000\Software\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} => removed successfully.
HKLM\Software\Classes\CLSID\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} => not found
"HKU\S-1-5-21-1107837428-173974533-547177936-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
"Firefox homepage" => removed successfully.
"HKLM\Software\Mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}" => removed successfully.
"HKLM\Software\Mozilla\Firefox\Extensions\\AllMyTube@Wondershare.com" => removed successfully.
HKLM\Software\MozillaPlugins\@garmin.com/GpsControl => removed successfully.
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully.
idsvc => service removed successfully.
C:\Program Files\AntiDust.exe => moved successfully
HKLM\System\CurrentControlSet\Services\LiveUpdateSvc => removed successfully.
LiveUpdateSvc => service removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0A08A316-66F2-4AA5-ADBF-E2438F3D0413}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A08A316-66F2-4AA5-ADBF-E2438F3D0413}" => removed successfully.
C:\Windows\System32\Tasks\iFreeUp_SkipUac_MM => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iFreeUp_SkipUac_MM" => removed successfully.
"C:\Program Files\IObit\LiveUpdate\ProductStatistics.dll" => not found
"C:\Program Files\IObit\iFreeUp\madExcept_.bpl" => not found
"C:\Program Files\IObit\iFreeUp\madBasic_.bpl" => not found
"C:\Program Files\IObit\iFreeUp\madDisAsm_.bpl" => not found
"C:\Program Files\IObit\iFreeUp\SQLite3.dll" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0712D985-FE50-4453-B711-9D787D886FEE}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0712D985-FE50-4453-B711-9D787D886FEE}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOONotify" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1FE28DED-329D-4F65-977E-DE59183223D5}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FE28DED-329D-4F65-977E-DE59183223D5}" => removed successfully.
C:\Windows\System32\Tasks\0 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{25A498BD-8098-49DC-870B-3613C5B94F05}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25A498BD-8098-49DC-870B-3613C5B94F05}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{33452792-50BF-4969-AAFD-25FA918E5CC0}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33452792-50BF-4969-AAFD-25FA918E5CC0}" => removed successfully.
C:\Windows\System32\Tasks\{BCD55362-CA17-4697-9E37-2F82DD989112} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BCD55362-CA17-4697-9E37-2F82DD989112}" => removed successfully.
ask: {48E5913B-1814-4107-93FE-76B6C1B776F6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51BBDED5-0944-459A-B88E-D5700EB7E934}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51BBDED5-0944-459A-B88E-D5700EB7E934}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{58E10C5E-B5DA-4A19-8169-46B96C322ABF}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58E10C5E-B5DA-4A19-8169-46B96C322ABF}" => removed successfully.
C:\Windows\System32\Tasks\{BE11830D-5D39-4883-94CE-41DB18416871} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BE11830D-5D39-4883-94CE-41DB18416871}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B4BE7187-A7DE-41C0-9194-09F9D119D65F}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4BE7187-A7DE-41C0-9194-09F9D119D65F}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BCF0BAA4-BF12-4602-870A-947E9545E3D1}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCF0BAA4-BF12-4602-870A-947E9545E3D1}" => removed successfully.
C:\Windows\System32\Tasks\{33FC4677-F90D-49E3-90AB-108286B51A8F} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{33FC4677-F90D-49E3-90AB-108286B51A8F}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DF17705F-16E4-4E4F-BFCF-F3C2A89DC726}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF17705F-16E4-4E4F-BFCF-F3C2A89DC726}" => removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Torntv 2-updater => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA4677CD-F9EC-47DC-9C8A-DC71D2EEC9A3}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA4677CD-F9EC-47DC-9C8A-DC71D2EEC9A3}" => removed successfully.
C:\Windows\System32\Tasks\{84F07497-72BB-41B9-92BA-11DAEC4BC5E6} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{84F07497-72BB-41B9-92BA-11DAEC4BC5E6}" => removed successfully.
C:\Users\MM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk => moved successfully
C:\Users\MM\AppData\Roaming\Microsoft\Windows\Network Shortcuts\www.emcos.cz\target.lnk => moved successfully
C:\Users\MM\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Webov� servery ve slu�b� MSN\target.lnk => not found.
C:\ProgramData\Temp => ":5F64C164" ADS removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1D79CE16-946C-4419-A042-D68A9E01BC4B}C:\program files\common files\nokia\fuse\fuse.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7F1D6150-4650-4E73-9847-30E2B605CF1F}C:\program files\common files\nokia\fuse\fuse.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BF71FF11-137A-44ED-9458-8D5DA7D18065}C:\program files\common files\nokia\fuse\fuseservice.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3FA63A09-2A5C-4372-9EEA-AA5677204284}C:\program files\common files\nokia\fuse\fuseservice.exe" => removed successfully.


The system needed a reboot.

==== End of Fixlog 17:12:32 ====


Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 28 led 2019 17:29 
Offline
Rádce
Rádce
Uživatelský avatar

Registrován: 27 dub 2008 10:34
Příspěvky: 1614
Dobre, urobte este nasledovne:

Do poznamkoveho bloku skopirujte obsah dole:

Kód:
Task: {48E5913B-1814-4107-93FE-76B6C1B776F6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Shortcut: C:\Users\MM\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Webové servery ve službě MSN\target.lnk -> hxxp://www.msnusers.co


Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST, pricom zvolte Kodovanie na UTF-8 (skopirujte do poznamkoveho bloku -> Subor -> Ulozit ako -> Encoding/Kodovaniee: zvolte UTF-8 -> ulozit).
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.

_________________
¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.


Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 28 led 2019 17:45 
Offline
Návštěvník
Návštěvník

Registrován: 28 led 2019 13:23
Příspěvky: 12
Fix result of Farbar Recovery Scan Tool (x86) Version: 27-01-2019
Ran by MM (28-01-2019 17:37:31) Run:2
Running from C:\Users\MM\Desktop
Loaded Profiles: MM (Available Profiles: MM & DefaultAppPool)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Task: {48E5913B-1814-4107-93FE-76B6C1B776F6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Shortcut: C:\Users\MM\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Webové servery ve službě MSN\target.lnk -> hxxp://www.msnusers.co
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{48E5913B-1814-4107-93FE-76B6C1B776F6}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48E5913B-1814-4107-93FE-76B6C1B776F6}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully.
C:\Users\MM\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Webové servery ve službě MSN\target.lnk => moved successfully

==== End of Fixlog 17:37:31 ====


Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 28 led 2019 17:47 
Offline
Rádce
Rádce
Uživatelský avatar

Registrován: 27 dub 2008 10:34
Příspěvky: 1614
Super.

Ako je na tom pocitac?

_________________
¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.


Nahoru
 Profil  
Odpovědět s citací  
Zobrazit příspěvky za předchozí:  Seřadit podle  
Odeslat nové téma Odpovědět na téma  [ Příspěvků: 11 ] 

Všechny časy jsou v UTC + 1 hodina


Kdo je online

Uživatelé procházející toto fórum: Google [Bot]


Nemůžete zakládat nová témata v tomto fóru
Nemůžete odpovídat v tomto fóru
Nemůžete upravovat své příspěvky v tomto fóru
Nemůžete mazat své příspěvky v tomto fóru
Nemůžete přikládat soubory v tomto fóru

Hledat:
Přejít na:  
cron
Založeno na phpBB® Forum Software © phpBB Group
Český překlad – phpBB.cz
Přispějete na provoz fóra?
>