Logfile of random's system information tool 1.10 (written by random/random)
Run by Jirka at 2019-09-15 10:32:37
Microsoft Windows 10 Home
System drive C: has 15 GB (15%) free of 100 GB
Total RAM: 16315 MB (73% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:32:56, on 15.09.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe
C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
C:\Users\Jirka\Autodesk\Genuine Service\GenuineService.exe
C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\AsPowerBar.exe
C:\Program Files\trend micro\Jirka.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
O4 - HKLM\..\Run: [ASUSRAMCACHE] "C:\Program Files (x86)\ASUSRAMCACHE\RamCache.exe"
O4 - HKLM\..\Run: [Autodesk Desktop App] "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [vmware-tray.exe] "E:\VMware Workstation\vmware-tray.exe"
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #0] C:\Program Files (x86)\ASUS\GPU TweakII\Monitor.exe -ByGPUTweakII -12 293 /RestartByRestartManager:AFA6FCDA-A031-4225-90B8-EA967FF66CEB (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #5] C:\Program Files (x86)\ASUS\GPU TweakII\Monitor.exe -ByGPUTweakII -12 293 /RestartByRestartManager:5D93AFBF-97DF-41e7-82D3-F681A87747B1 (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #7] C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe /RestartByRestartManager:EEBA89D2-E43B-43f1-909C-EC1162B8B013 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Application Restart #0] C:\Program Files (x86)\ASUS\GPU TweakII\Monitor.exe -ByGPUTweakII -12 293 /RestartByRestartManager:AFA6FCDA-A031-4225-90B8-EA967FF66CEB (User 'Default user')
O4 - Startup: GenuineService.lnk = Jirka\Autodesk\Genuine Service\GenuineService.exe
O4 - Global Startup: SOLIDWORKS 2017 Rychlé spuštění.lnk = ?
O4 - Global Startup: SolidWorks Nástroj pro stahování na pozadí.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - (no file)
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O21 - SSODL: EldosMountNotificator-cbfs6 - {7C9078E6-5F54-498B-BA3B-7E489D223B01} - C:\WINDOWS\SysWOW64\cbfsMntNtf6.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {7C9078E6-5F54-498B-BA3B-7E489D223B01} - C:\WINDOWS\SysWOW64\cbfsMntNtf6.dll
O23 - Service: Autodesk Desktop App Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service: ASGT - Unknown owner - C:\Windows\SysWOW64\ASGT.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.17\AsusFanControlService.exe
O23 - Service: AsusGameFirstService - ASUSTeK - C:\Program Files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: DTSInterops (CoordinatorServiceHost) - Dassault Systemes SolidWorks Corporation - E:\SolidWorks 2017\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel LDK License Manager (hasplms) - Unknown owner - C:\WINDOWS\system32\hasplms.exe (file missing)
O23 - Service: Intel(R) MPI Library Hydra Process Manager (impi_hydra) - Intel Corporation - C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\hydra_service.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Online Connect - Intel Corporation - C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
O23 - Service: Intel(R) Online Connect Helper - Intel Corporation - C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe
O23 - Service: Intel(R) Online Connect Software Asset Manager - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Online Connect Access Legacy CS Loader (Intel(R) TechnologyAccessLegacyCSLoader) - Intel(R) Corporation - C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
O23 - Service: Intel(R) Online Connect Access (Intel(R) TechnologyAccessService) - Intel(R) Corporation - C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Logitech Gaming Registry Service (LogiRegistryService) - Logitech Inc. - C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Print Manager (PrintManager) - Unknown owner - E:\print studio\Autodesk Print Studio\PM\spark-print-mgr\bin\win\nssm.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - E:\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\SysWOW64\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\SysWOW64\vmnat.exe
O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - E:\VMware Workstation\vmware-hostd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
--
End of file - 19112 bytes
======Listing Processes======
winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s DsmSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
"C:\Program Files\Tablet\Pen\WTabletServiceCon.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
"C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe"
"C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe"
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe" -schedule
"C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe" -onlytray
"C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
C:\WINDOWS\system32\DbxSvc.exe
"ctfmon.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
"C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe"
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe"
"C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.17\AsusFanControlService.exe"
"C:\Program Files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe"
"C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
"C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe"
"C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe"
"C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
C:\WINDOWS\SysWOW64\PnkBstrA.exe
"E:\print studio\Autodesk Print Studio\PM\spark-print-mgr\bin\win\nssm.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
"E:\VMware Workstation\vmware-authd.exe"
C:\WINDOWS\SysWOW64\vmnetdhcp.exe
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
C:\WINDOWS\SysWOW64\vmnat.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\system32\hasplms.exe -run
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
dashost.exe {d656eba6-241d-481d-9c450d0c7f0e8070}
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k netsvcs
C:\WINDOWS\Explorer.EXE
"E:\print studio\Autodesk Print Studio\PM\spark-print-mgr\bin\win\node.exe" server.js
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"c:\program files\avast software\avast\aswEngSrv.exe" /pipename="93655E9E-975F-F8D9-125C-99D596965A04" /binpath="c:\program files\avast software\avast"
"C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe"
"C:\Program Files\Tablet\Pen\Pen_TabletUser.exe"
"C:\Program Files\Tablet\Pen\WacomHost.exe" "C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe" ⼜5
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
"C:\Program Files\Tablet\Pen\Pen_TouchUser.exe"
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
"C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe"
"C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe"
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files\Windows Defender\MSASCuiL.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
AvastUI.exe /nogui
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"E:\SolidWorks 2017\SOLIDWORKS\sldworks_fs.exe"
"C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe"
"C:\Users\Jirka\Autodesk\Genuine Service\GenuineService.exe"
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
c:\windows\system32\svchost.exe -k netsvcs -p
"C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\AsPowerBar.exe"
"C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /c
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\rempl\sedsvc.exe"
%systemroot%\system32\MusNotifyIcon.exe NotifyTrayIcon 10
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6932.0.1467195538\1493227218" -parentBuildID 20190827005903 -prefsHandle 1536 -prefMapHandle 1532 -prefsLen 1 -prefMapSize 217360 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 6932 "\\.\pipe\gecko-crash-server-pipe.6932" 1624 gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6932.3.360081794\636984708" -childID 1 -isForBrowser -prefsHandle 2412 -prefMapHandle 2416 -prefsLen 98 -prefMapSize 217360 -parentBuildID 20190827005903 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 6932 "\\.\pipe\gecko-crash-server-pipe.6932" 2428 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6932.13.1314207865\503062388" -childID 2 -isForBrowser -prefsHandle 4348 -prefMapHandle 4412 -prefsLen 365 -prefMapSize 217360 -parentBuildID 20190827005903 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 6932 "\\.\pipe\gecko-crash-server-pipe.6932" 4424 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6932.20.1017284912\874011279" -childID 3 -isForBrowser -prefsHandle 4276 -prefMapHandle 4196 -prefsLen 365 -prefMapSize 217360 -parentBuildID 20190827005903 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 6932 "\\.\pipe\gecko-crash-server-pipe.6932" 4772 tab
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6932.27.139651147\682446989" -childID 4 -isForBrowser -prefsHandle 6864 -prefMapHandle 7224 -prefsLen 8418 -prefMapSize 217360 -parentBuildID 20190827005903 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 6932 "\\.\pipe\gecko-crash-server-pipe.6932" 8624 tab
"C:\WINDOWS\NOTEPAD.EXE" C:\Users\Jirka\Desktop\Nový textový dokument.txt
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6932.34.1002745378\1808352665" -childID 5 -isForBrowser -prefsHandle 4336 -prefMapHandle 4344 -prefsLen 9063 -prefMapSize 217360 -parentBuildID 20190827005903 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 6932 "\\.\pipe\gecko-crash-server-pipe.6932" 6488 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6932.41.826878847\370710243" -childID 6 -isForBrowser -prefsHandle 6312 -prefMapHandle 8624 -prefsLen 9063 -prefMapSize 217360 -parentBuildID 20190827005903 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 6932 "\\.\pipe\gecko-crash-server-pipe.6932" 6804 tab
"C:\Users\Jirka\Desktop\RSITx64.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" /autoupdate /silent /autoclose /background
======Scheduled tasks folder======
C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\96wq1v98.default
prefs.js - "browser.startup.homepage" - "google.cz"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\3ds.com/ComposerPlayerWebPlugin]
"Description"=
"Path"=E:\SolidWorks 2017\SOLIDWORKS Composer Player\Bin\x86\npcomposerplayerwebplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.130 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.3.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.111.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.111.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin]
"Description"=
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\3ds.com/ComposerPlayerWebPlugin_x86_64]
"Description"=
"Path"=E:\SolidWorks 2017\SOLIDWORKS Composer Player\Bin\npcomposerplayerwebplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.130 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\wacom.com/WacomTabletPlugin]
"Description"=
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\96wq1v98.default\extensions\
amcontextmenu@loucypher
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-02 221664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-06 166360]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2017-12-27 473152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2017-12-27 186944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"WindowsDefender"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-08-19 8899592]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-09-09 268680]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-11 509936]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2019-07-04 2849872]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2016-10-13 3942864]
"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2018-10-05 18727048]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"=C:\Windows\SysWOW64\OneDriveSetup.exe [2018-04-12 20488312]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2019-08-22 3210528]
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2018-09-10 18630056]
"Skype for Desktop"=C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [2019-08-08 83523944]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ASUS AiChargerPlus Execute"=C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [2013-01-28 550272]
"ASUSRAMCACHE"=C:\Program Files (x86)\ASUSRAMCACHE\RamCache.exe [2017-02-06 4325520]
"Autodesk Desktop App"=C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [2018-05-09 708904]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2019-09-05 5888320]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-21 587288]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2013-04-15 337432]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2018-09-13 2410968]
"vmware-tray.exe"=E:\VMware Workstation\vmware-tray.exe [2017-09-18 115688]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SOLIDWORKS 2017 Rychlé spuštění.lnk - C:\WINDOWS\Installer\{BB965FD0-077F-4CA4-BFD1-39FFEFF15770}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe
SolidWorks Nástroj pro stahování na pozadí.lnk - C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe
C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
GenuineService.lnk - C:\Users\Jirka\Autodesk\Genuine Service\GenuineService.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
EldosMountNotificator-cbfs6 - {7C9078E6-5F54-498B-BA3B-7E489D223B01} - C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-08-03 196000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Virtual Storage Mount Notification - {7C9078E6-5F54-498B-BA3B-7E489D223B01} - C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-08-03 196000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FPS1"=frapsv64.dll
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\WINDOWS\NOTEPAD.EXE %1
======List of files/folders created in the last 1 month======
2019-09-15 10:32:38 ----D---- C:\Program Files\trend micro
2019-09-15 10:32:37 ----D---- C:\rsit
2019-09-10 00:12:55 ----D---- C:\ProgramData\LogiShrd
2019-09-09 23:46:06 ----D---- C:\Program Files\Logitech Gaming Software
2019-09-09 23:33:19 ----DC---- C:\Users\Jirka\AppData\Roaming\Logitech
2019-09-09 23:33:18 ----DC---- C:\Users\Jirka\AppData\Roaming\Logishrd
2019-09-09 10:01:52 ----A---- C:\WINDOWS\system32\aswBoot.exe
2019-09-09 10:01:45 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2019-09-09 10:01:45 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2019-09-05 14:18:06 ----A---- C:\WINDOWS\system32\drivers\dbx-stable.sys
2019-09-05 14:18:06 ----A---- C:\WINDOWS\system32\drivers\dbx-dev.sys
2019-09-05 14:18:06 ----A---- C:\WINDOWS\system32\drivers\dbx-canary.sys
2019-09-05 14:18:06 ----A---- C:\WINDOWS\system32\DbxSvc.exe
2019-08-29 18:01:02 ----HD---- C:\$WINDOWS.~BT
2019-08-23 17:02:52 ----DC---- C:\Users\Jirka\AppData\Roaming\kicad
2019-08-23 08:26:24 ----D---- C:\WINDOWS\Panther
2019-08-18 21:57:11 ----D---- C:\Program Files (x86)\gs
2019-08-18 21:55:55 ----D---- C:\ProgramData\VsTelemetry
2019-08-18 21:55:49 ----DC---- C:\Users\Jirka\AppData\Roaming\Corel
2019-08-18 21:44:10 ----D---- C:\ProgramData\Corel
2019-08-18 21:40:03 ----D---- C:\ProgramData\UniqueId
======List of files/folders modified in the last 1 month======
2019-09-15 10:32:55 ----SD---- C:\ProgramData\Microsoft
2019-09-15 10:32:38 ----D---- C:\Program Files
2019-09-15 10:28:00 ----D---- C:\WINDOWS\Temp
2019-09-15 10:14:49 ----D---- C:\WINDOWS\System32
2019-09-15 10:14:49 ----D---- C:\WINDOWS\INF
2019-09-15 10:14:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-09-15 10:14:02 ----HD---- C:\Program Files\WindowsApps
2019-09-15 10:11:38 ----D---- C:\WINDOWS\system32\sru
2019-09-15 10:11:05 ----D---- C:\WINDOWS\Prefetch
2019-09-15 10:07:56 ----D---- C:\ProgramData\VMware
2019-09-15 10:07:55 ----D---- C:\ProgramData\NVIDIA
2019-09-13 18:36:02 ----D---- C:\WINDOWS\system32\config
2019-09-13 17:52:18 ----D---- C:\WINDOWS\system32\LogFiles
2019-09-12 23:05:35 ----D---- C:\WINDOWS\system32\SleepStudy
2019-09-12 22:51:57 ----RD---- C:\WINDOWS\Microsoft.NET
2019-09-12 22:10:12 ----D---- C:\WINDOWS\WinSxS
2019-09-12 22:08:22 ----D---- C:\WINDOWS\system32\DriverStore
2019-09-12 22:06:16 ----D---- C:\WINDOWS\TextInput
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\wbem
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\oobe
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\migration
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\en-US
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\en-GB
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\Dism
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2019-09-12 22:06:16 ----D---- C:\WINDOWS\SysWOW64
2019-09-12 22:06:15 ----SD---- C:\WINDOWS\system32\UNP
2019-09-12 22:06:15 ----D---- C:\WINDOWS\system32\zu-ZA
2019-09-12 22:06:15 ----D---- C:\WINDOWS\system32\yo-NG
2019-09-12 22:06:15 ----D---- C:\WINDOWS\system32\xh-ZA
2019-09-12 22:06:15 ----D---- C:\WINDOWS\system32\wo-SN
2019-09-12 22:06:15 ----D---- C:\WINDOWS\system32\wbem
2019-09-12 22:06:15 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2019-09-12 22:06:15 ----D---- C:\WINDOWS\system32\tn-ZA
2019-09-12 22:06:15 ----D---- C:\WINDOWS\system32\ti-ET
2019-09-12 22:06:15 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2019-09-12 22:06:15 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2019-09-12 22:06:15 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2019-09-12 22:06:15 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2019-09-12 22:06:15 ----D---- C:\WINDOWS\system32\rw-RW
2019-09-12 22:06:15 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2019-09-12 22:06:15 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2019-09-12 22:06:15 ----D---- C:\WINDOWS\system32\oobe
2019-09-12 22:06:15 ----D---- C:\WINDOWS\system32\nso-ZA
2019-09-12 22:06:15 ----D---- C:\WINDOWS\system32\migration
2019-09-12 22:06:15 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2019-09-12 22:06:15 ----D---- C:\WINDOWS\system32\ig-NG
2019-09-12 22:06:15 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2019-09-12 22:06:15 ----D---- C:\WINDOWS\system32\en-US
2019-09-12 22:06:15 ----D---- C:\WINDOWS\system32\en-GB
2019-09-12 22:06:15 ----D---- C:\WINDOWS\system32\drivers\en-GB
2019-09-12 22:06:15 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2019-09-12 22:06:15 ----D---- C:\WINDOWS\system32\drivers
2019-09-12 22:06:14 ----SD---- C:\WINDOWS\system32\DiagSvcs
2019-09-12 22:06:14 ----D---- C:\WINDOWS\system32\chr-CHER-US
2019-09-12 22:06:14 ----D---- C:\WINDOWS\system32\Dism
2019-09-12 22:06:14 ----D---- C:\WINDOWS\system32\cs-CZ
2019-09-12 22:06:14 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2019-09-12 22:06:14 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2019-09-12 22:06:14 ----D---- C:\WINDOWS\system32\Boot
2019-09-12 22:06:14 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2019-09-12 22:06:14 ----D---- C:\WINDOWS\system32\appraiser
2019-09-12 22:06:12 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2019-09-12 22:06:12 ----D---- C:\WINDOWS\ShellExperiences
2019-09-12 22:06:12 ----D---- C:\WINDOWS\ShellComponents
2019-09-12 22:06:12 ----D---- C:\WINDOWS\Provisioning
2019-09-12 22:06:12 ----D---- C:\WINDOWS\PolicyDefinitions
2019-09-12 22:06:12 ----D---- C:\WINDOWS\bcastdvr
2019-09-12 22:06:12 ----D---- C:\WINDOWS\apppatch
2019-09-12 22:06:11 ----D---- C:\Windows
2019-09-12 22:06:11 ----D---- C:\Program Files\internet explorer
2019-09-12 22:06:11 ----D---- C:\Program Files (x86)\Internet Explorer
2019-09-12 20:11:36 ----D---- C:\WINDOWS\Logs
2019-09-12 19:55:14 ----D---- C:\WINDOWS\AppReadiness
2019-09-12 00:43:57 ----D---- C:\Program Files (x86)\Steam
2019-09-11 07:10:07 ----D---- C:\WINDOWS\system32\catroot2
2019-09-11 02:18:23 ----D---- C:\WINDOWS\CbsTemp
2019-09-10 00:12:55 ----HD---- C:\ProgramData
2019-09-09 23:56:34 ----D---- C:\WINDOWS\system32\CatRoot
2019-09-09 10:01:52 ----HD---- C:\WINDOWS\ELAMBKUP
2019-09-07 02:01:58 ----D---- C:\Program Files (x86)\Dropbox
2019-09-06 17:42:42 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2019-09-06 17:42:42 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2019-09-06 11:31:51 ----D---- C:\WINDOWS\system32\Tasks
2019-09-06 01:52:38 ----DC---- C:\Users\Jirka\AppData\Roaming\Stellarium
2019-09-02 22:19:03 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-09-01 05:57:16 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2019-08-31 14:53:11 ----SHDC---- C:\WINDOWS\Installer
2019-08-31 14:53:11 ----SHD---- C:\Config.Msi
2019-08-31 14:49:12 ----AD---- C:\Program Files (x86)\Microsoft Office
2019-08-30 17:17:11 ----AD---- C:\Program Files\rempl
2019-08-25 17:27:21 ----D---- C:\WINDOWS\system32\NDF
2019-08-23 17:13:00 ----D---- C:\Program Files\Common Files
2019-08-23 17:10:19 ----RD---- C:\Program Files (x86)
2019-08-23 17:10:19 ----D---- C:\Program Files (x86)\Common Files
2019-08-23 17:06:35 ----D---- C:\Program Files\Common Files\microsoft shared
2019-08-23 17:05:34 ----RSD---- C:\WINDOWS\assembly
2019-08-18 21:55:57 ----D---- C:\ProgramData\Package Cache
2019-08-18 21:49:57 ----RSD---- C:\WINDOWS\Fonts
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswArDisk;aswArDisk; C:\WINDOWS\system32\drivers\aswArDisk.sys [2019-09-09 37104]
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2019-09-09 205848]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2019-09-09 61472]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2019-01-08 15488]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2019-09-09 87944]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2019-09-09 387176]
R0 FNETHYRAMAS;FNETHYRAMAS; C:\WINDOWS\System32\drivers\FNETHYRAMAS.SYS [2017-02-06 45688]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2016-10-03 795664]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 58168]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 AsIO;AsIO; C:\WINDOWS\SysWow64\drivers\AsIO.sys [2014-09-09 15232]
R1 AsUpIO;AsUpIO; C:\WINDOWS\SysWow64\drivers\AsUpIO.sys [2014-02-24 14464]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2019-09-09 209552]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2019-09-09 263008]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2019-09-09 282768]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2019-09-09 42288]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2019-09-09 112312]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2019-09-09 1030784]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2019-09-09 478096]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 cbfs6;cbfs6; \??\C:\WINDOWS\system32\drivers\cbfs6.sys [2016-08-03 460992]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 FNETURPX;FNETURPX; C:\WINDOWS\System32\drivers\FNETURPX.SYS [2017-02-06 16648]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R1 ndisrd;@oem23.inf,%ndisrfl_Desc%;Intel(R) Technology Access Filter Driver; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [2016-09-13 59792]
R1 NFC_Driver;NFC_Driver; C:\WINDOWS\system32\drivers\NFC_Driver.sys [2015-06-11 48336]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2016-05-25 137280]
R2 aksdf;aksdf; \??\C:\WINDOWS\system32\drivers\aksdf.sys [2015-04-14 91784]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys [2015-04-14 162136]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2019-09-09 169408]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2019-09-09 236024]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-03-14 414720]
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys [2015-04-14 331608]
R2 hcmon;VMware hcmon; C:\WINDOWS\system32\DRIVERS\hcmon.sys [2017-08-31 83008]
R2 LGCoreTemp;Logitech CPU Core Tempurature; \??\C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [2015-06-21 14184]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 43008]
R3 AiChargerPlus;AiChargerPlus; C:\WINDOWS\SysWow64\drivers\AiChargerPlus.sys [2013-01-28 14848]
R3 AndroidAFD;AndroidAFD; C:\WINDOWS\SysWow64\drivers\AndroidAFDx64.sys [2015-07-06 28472]
R3 asmthub3;@oem32.inf,%asmthub3_ServiceDescription%;ASMedia USB3.1 Hub Service; C:\WINDOWS\System32\drivers\asmthub3.sys [2016-02-16 149760]
R3 asmtxhci;@oem35.inf,%asmtxhci_ServiceDescription%;ASMedia XHCI Service; C:\WINDOWS\System32\drivers\asmtxhci.sys [2016-02-16 451320]
R3 e1dexpress;@oem15.inf,%e1dExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver D; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [2017-02-06 559080]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2016-08-19 5276168]
R3 IOMap;IOMap; \??\C:\WINDOWS\system32\drivers\IOMap64.sys [2014-10-24 24824]
R3 LGBusEnum;@oem63.inf,%LGBusEnum.SVCDESC%;Logitech Gaming Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\LGBusEnum.sys [2018-10-05 36496]
R3 LGJoyXlCore;@oem63.inf,%LGJoyXlCore.SVCDESC%;Logitech Translation Layer Driver (LGS); C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [2018-10-05 67736]
R3 LGVirHid;@oem64.inf,%LGVirHid.SVCDESC%;Logitech Gamepanel Virtual HID Device Driver; C:\WINDOWS\system32\drivers\LGVirHid.sys [2018-10-05 26008]
R3 MEIx64;@oem58.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2018-05-06 228992]
R3 NVHDA;@oem22.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2018-12-17 227896]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_37ec54c19854e219\nvlddmkm.sys [2019-04-10 20747736]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-08-03 128920]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-01-09 92704]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 dg_ssudbus;@oem43.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 dtproscsibus;DAEMON Tools Pro Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [2017-02-06 30352]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hidkmdf;@oem3.inf,%hidkmdf.SVCDESC%;KMDF Driver; C:\WINDOWS\System32\drivers\hidkmdf.sys [2014-08-06 14136]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-06-07 76304]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 qcusbnet;@oem56.inf,%qcwwan.Service.DispName%;Qualcomm USB-NDIS miniport; C:\WINDOWS\System32\drivers\qcusbnet.sys [2017-03-15 428600]
S3 qcusbser;@oem55.inf,%QCUSBSER%;Qualcomm USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [2017-03-15 254520]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-03-06 945464]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]
S4 nvvad_WaveExtensible;@oem53.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys []
S4 nvvhci;@oem22.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdAppMgrSvc;Autodesk Desktop App Service; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [2018-05-09 1388920]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-09-27 83984]
R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2018-09-13 818136]
R2 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2019-07-04 3117648]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2019-07-04 2888272]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [2015-05-08 936728]
R2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [2015-05-08 954648]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [2014-09-26 1360016]
R2 AsusFanControlService;AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.17\AsusFanControlService.exe [2016-09-24 2394072]
R2 AsusGameFirstService;AsusGameFirstService; C:\Program Files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe [2015-06-10 356632]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-09-09 405072]
R2 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2019-09-09 57504]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CDPUserSvc_339ab;CDPUserSvc_339ab; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2019-08-24 11568224]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 DbxSvc;DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [2019-09-05 51024]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2019-06-15 3460072]
R2 hasplms;Sentinel LDK License Manager; C:\WINDOWS\system32\hasplms.exe [2015-04-14 4621632]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2015-05-07 272352]
R2 Intel(R) TechnologyAccessLegacyCSLoader;Intel(R) Online Connect Access Legacy CS Loader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [2016-10-17 173288]
R2 Intel(R) TechnologyAccessService;Intel(R) Online Connect Access; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [2016-10-17 496872]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2016-11-08 177440]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2016-11-08 419616]
R2 LogiRegistryService;Logitech Gaming Registry Service; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [2018-10-05 206472]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2019-04-09 767472]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2019-04-10 791136]
R2 OneSyncSvc_339ab;OneSyncSvc_339ab; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2017-02-09 76888]
R2 PrintManager;Print Manager; E:\print studio\Autodesk Print Studio\PM\spark-print-mgr\bin\win\nssm.exe [2016-06-01 328704]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-09-09 5975136]
R3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 Intel(R) Online Connect;Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [2016-11-01 25312]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 PimIndexMaintenanceSvc_339ab;PimIndexMaintenanceSvc_339ab; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 ASGT;ASGT; C:\Windows\SysWOW64\ASGT.exe [2016-05-27 48640]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-04-10 143144]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-21 153168]
S2 Intel(R) Online Connect Helper;Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [2016-11-01 34528]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-08 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BcastDVRUserService_339ab;BcastDVRUserService_339ab; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2019-03-25 8577760]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService_339ab;BluetoothUserService_339ab; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 CoordinatorServiceHost;DTSInterops; E:\SolidWorks 2017\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [2016-11-23 81304]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-04-10 143144]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc_339ab;DevicePickerUserSvc_339ab; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc_339ab;DevicesFlowUserSvc_339ab; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-05-03 90112]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2018-12-10 777856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2018-02-21 1236456]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-05-18 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\elevation_service.exe [2019-08-24 1096176]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-21 153168]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 impi_hydra;Intel(R) MPI Library Hydra Process Manager; C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\hydra_service.exe [2016-11-23 880296]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2016-10-13 630048]
S3 Intel(R) Online Connect Software Asset Manager;Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-10-14 18152]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService_339ab;MessagingService_339ab; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2019-09-06 242720]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2002-02-01 226312]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc_339ab;PrintWorkflowUserSvc_339ab; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosím o preventivní kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
palandinin
- Návštěvník
- Příspěvky: 9
- Registrován: 15 zář 2019 09:27
Re: prosím o preventivní kontrolu
Ahoj 
Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
- Uloz na plochu a ukonci vsetky programy
- Spusti AdwCleaner ako spravca
- Odsuhlas licencne podmienky
- Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
- Nechaj zaskrtnute vsetky nalezy
- Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
- Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
- Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
palandinin
- Návštěvník
- Příspěvky: 9
- Registrován: 15 zář 2019 09:27
Re: prosím o preventivní kontrolu
# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-04-2019
# Database: 2019-09-13.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-15-2019
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 23
# Failed: 2
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\ProgramData\NERO\NERO TUNEITUP
Deleted C:\Users\Jirka\AppData\Local\minergate
Deleted C:\Users\Jirka\AppData\Roaming\BROWSERMODULE
Deleted C:\Users\Jirka\AppData\Roaming\SPI
Deleted C:\Users\Jirka\AppData\Roaming\browsers
Deleted C:\Users\Jirka\AppData\Roaming\isMiner
***** [ Files ] *****
Deleted C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\96wq1v98.default\invalidprefs.js
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
Deleted C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\csastats
Deleted HKCU\Software\isMiner
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{E2C26438-D19C-466F-AED3-ABB13D6B8F3F}C:\program files (x86)\bitlord\bitlord.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{EB0B9075-9283-4692-9589-AAA65EE91AE4}C:\program files (x86)\bitlord\bitlord.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{686FA463-7EC4-47A0-BFB2-96EC40B3A7F8}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{8C1E6205-D187-40CF-82C8-0F376F7E6FDA}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|chromebrowser
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
Deleted Fast search
Deleted Tables
Not Deleted Fast search
Not Deleted Tables
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.ASUSAISuite Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2AEAE3EB-AF83-4A1E-A749-2C263F62955B}
Deleted Preinstalled.ASUSProductRegistration Folder C:\Program Files (x86)\ASUS\APRP
Deleted Preinstalled.ASUSProductRegistration Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|WebStorage
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner_Debug.log - [20191 octets] - [15/09/2019 22:48:25]
AdwCleaner[S00].txt - [3754 octets] - [15/09/2019 22:49:07]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-04-2019
# Database: 2019-09-13.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-15-2019
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 23
# Failed: 2
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\ProgramData\NERO\NERO TUNEITUP
Deleted C:\Users\Jirka\AppData\Local\minergate
Deleted C:\Users\Jirka\AppData\Roaming\BROWSERMODULE
Deleted C:\Users\Jirka\AppData\Roaming\SPI
Deleted C:\Users\Jirka\AppData\Roaming\browsers
Deleted C:\Users\Jirka\AppData\Roaming\isMiner
***** [ Files ] *****
Deleted C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\96wq1v98.default\invalidprefs.js
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
Deleted C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\csastats
Deleted HKCU\Software\isMiner
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{E2C26438-D19C-466F-AED3-ABB13D6B8F3F}C:\program files (x86)\bitlord\bitlord.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{EB0B9075-9283-4692-9589-AAA65EE91AE4}C:\program files (x86)\bitlord\bitlord.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{686FA463-7EC4-47A0-BFB2-96EC40B3A7F8}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{8C1E6205-D187-40CF-82C8-0F376F7E6FDA}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|chromebrowser
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
Deleted Fast search
Deleted Tables
Not Deleted Fast search
Not Deleted Tables
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.ASUSAISuite Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2AEAE3EB-AF83-4A1E-A749-2C263F62955B}
Deleted Preinstalled.ASUSProductRegistration Folder C:\Program Files (x86)\ASUS\APRP
Deleted Preinstalled.ASUSProductRegistration Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|WebStorage
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner_Debug.log - [20191 octets] - [15/09/2019 22:48:25]
AdwCleaner[S00].txt - [3754 octets] - [15/09/2019 22:49:07]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Re: prosím o preventivní kontrolu
Poprosim o obidva logy z FRST (FRST.txt a Addition.txt) podla tohto navodu: https://forum.viry.cz/viewtopic.php?f=13&t=154679Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
palandinin
- Návštěvník
- Příspěvky: 9
- Registrován: 15 zář 2019 09:27
Re: prosím o preventivní kontrolu
# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-04-2019
# Database: 2019-09-13.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-15-2019
# Duration: 00:00:37
# OS: Windows 10 Home
# Scanned: 35602
# Detected: 25
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.1stBrowser C:\Users\Jirka\AppData\Roaming\SPI
PUP.Optional.BitCoinMiner C:\Users\Jirka\AppData\Local\minergate
PUP.Optional.BitCoinMiner C:\Users\Jirka\AppData\Roaming\isMiner
PUP.Optional.Legacy C:\Users\Jirka\AppData\Roaming\browsers
PUP.Optional.MYPCTuneUp C:\ProgramData\NERO\NERO TUNEITUP
PUP.Optional.StartPage C:\Users\Jirka\AppData\Roaming\BROWSERMODULE
***** [ Files ] *****
PUP.Optional.Legacy C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\96wq1v98.default\invalidprefs.js
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
PUP.Optional.Legacy C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.BitCoinMiner HKCU\Software\isMiner
PUP.Optional.InstallCore HKCU\Software\csastats
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{E2C26438-D19C-466F-AED3-ABB13D6B8F3F}C:\program files (x86)\bitlord\bitlord.exe
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{EB0B9075-9283-4692-9589-AAA65EE91AE4}C:\program files (x86)\bitlord\bitlord.exe
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{686FA463-7EC4-47A0-BFB2-96EC40B3A7F8}
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{8C1E6205-D187-40CF-82C8-0F376F7E6FDA}
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|chromebrowser
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
PUP.Optional.ProductSetup.A HKCU\Software\PRODUCTSETUP
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
PUP.Optional.FastSearch Fast search
PUP.Optional.FastSearch Fast search
PUP.Optional.Legacy Tables
PUP.Optional.Legacy Tables
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Preinstalled Software ] *****
Preinstalled.ASUSAISuite Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2AEAE3EB-AF83-4A1E-A749-2C263F62955B}
Preinstalled.ASUSProductRegistration Folder C:\Program Files (x86)\ASUS\APRP
Preinstalled.ASUSProductRegistration Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}
Preinstalled.ASUSWebStorage Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|WebStorage
AdwCleaner_Debug.log - [8020 octets] - [15/09/2019 22:48:25]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-04-2019
# Database: 2019-09-13.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-15-2019
# Duration: 00:00:37
# OS: Windows 10 Home
# Scanned: 35602
# Detected: 25
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.1stBrowser C:\Users\Jirka\AppData\Roaming\SPI
PUP.Optional.BitCoinMiner C:\Users\Jirka\AppData\Local\minergate
PUP.Optional.BitCoinMiner C:\Users\Jirka\AppData\Roaming\isMiner
PUP.Optional.Legacy C:\Users\Jirka\AppData\Roaming\browsers
PUP.Optional.MYPCTuneUp C:\ProgramData\NERO\NERO TUNEITUP
PUP.Optional.StartPage C:\Users\Jirka\AppData\Roaming\BROWSERMODULE
***** [ Files ] *****
PUP.Optional.Legacy C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\96wq1v98.default\invalidprefs.js
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
PUP.Optional.Legacy C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.BitCoinMiner HKCU\Software\isMiner
PUP.Optional.InstallCore HKCU\Software\csastats
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{E2C26438-D19C-466F-AED3-ABB13D6B8F3F}C:\program files (x86)\bitlord\bitlord.exe
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{EB0B9075-9283-4692-9589-AAA65EE91AE4}C:\program files (x86)\bitlord\bitlord.exe
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{686FA463-7EC4-47A0-BFB2-96EC40B3A7F8}
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{8C1E6205-D187-40CF-82C8-0F376F7E6FDA}
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|chromebrowser
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
PUP.Optional.ProductSetup.A HKCU\Software\PRODUCTSETUP
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
PUP.Optional.FastSearch Fast search
PUP.Optional.FastSearch Fast search
PUP.Optional.Legacy Tables
PUP.Optional.Legacy Tables
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Preinstalled Software ] *****
Preinstalled.ASUSAISuite Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2AEAE3EB-AF83-4A1E-A749-2C263F62955B}
Preinstalled.ASUSProductRegistration Folder C:\Program Files (x86)\ASUS\APRP
Preinstalled.ASUSProductRegistration Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}
Preinstalled.ASUSWebStorage Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|WebStorage
AdwCleaner_Debug.log - [8020 octets] - [15/09/2019 22:48:25]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Re: prosím o preventivní kontrolu
Toto je vsak log z AdwCleaneru. Teraz by som potreboval log z FRST - https://forum.viry.cz/viewtopic.php?f=13&t=154679
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
palandinin
- Návštěvník
- Příspěvky: 9
- Registrován: 15 zář 2019 09:27
Re: prosím o preventivní kontrolu
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-09-2019
Ran by Jirka (18-09-2019 07:44:46)
Running from C:\Users\Jirka\Desktop
Windows 10 Home Version 1803 17134.829 (X64) (2018-05-18 17:32:46)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2116198513-1858420317-1968113610-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2116198513-1858420317-1968113610-503 - Limited - Disabled)
Guest (S-1-5-21-2116198513-1858420317-1968113610-501 - Limited - Disabled)
Jirka (S-1-5-21-2116198513-1858420317-1968113610-1001 - Administrator - Enabled) => C:\Users\Jirka
WDAGUtilityAccount (S-1-5-21-2116198513-1858420317-1968113610-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2018 (HKLM-x32\...\AME_12_1_2) (Version: 12.1.2 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_1_2) (Version: 12.1.2 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.01.26 - ASUSTeK Computer Inc.)
ARMA 3 (HKLM-x32\...\QVJNQTM=_is1) (Version: 1 - )
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.33.1 - Asmedia Technology)
Assassin's Creed IV Black Flag version 1.0.7.0 (HKLM-x32\...\Assassin's Creed IV Black Flag_is1) (Version: 1.0.7.0 - Mr DJ)
ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.22 - ASUSTeK Computer Inc.)
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.2.8.2 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.2.8.2 - ASUSTek COMPUTER INC.)
Asus Sonic Suite Plugins (HKLM-x32\...\{53eaa65b-5cab-459c-9642-a408bdcf43a3}) (Version: 2.1.3301 - ASUSTeKcomputer.Inc) Hidden
ASUSRAMCACHE (HKLM-x32\...\ASUSRAMCACHE) (Version: 1.07.16 - FNet Co., Ltd.)
Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk Certificate Package (x64) - 7.1.4 (HKLM\...\{1C891560-9ECD-4234-8BBD-752AFE0682D7}) (Version: 7.1.4.0 - Autodesk)
Autodesk FBX Converter x64 2013.3 (HKLM-x32\...\Autodesk FBX Converter x64 2013.3) (Version: - Autodesk)
Autodesk Fusion 360 (HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.6263 - Autodesk, Inc.)
Autodesk Genuine Service (HKLM-x32\...\{EF86FB37-98AB-49C2-930B-77A5E04758FE}) (Version: 2.2.0 - Autodesk)
Autodesk License Service (x64) - 7.1.4 (HKLM\...\{F53D6D10-7A75-4A39-8C53-A3D855C7C50A}) (Version: 7.1.4.0 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2017 (HKLM-x32\...\{CB6E007E-701D-42CD-AF0E-4BE9C36C7F7C}) (Version: 15.11.3.0 - Autodesk)
Autodesk Maya 2019 (HKLM\...\{D4BE10F2-3E2D-4120-863A-765623D53264}) (Version: 19.0.7966.0 - Autodesk) Hidden
Autodesk Maya 2019 (HKLM\...\Autodesk Maya 2019) (Version: 19.0.7966.0 - Autodesk)
Autodesk Print Studio (HKLM\...\{8286FC2F-A7B4-4FEB-B587-801BEC9A694F}) (Version: 1.6.5.0 - Autodesk) Hidden
Autodesk Print Studio (HKLM\...\Autodesk Print Studio) (Version: 1.6.5.0 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.7.2388 - AVAST Software)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bifrost 1.5.7.0 for Maya 2019 (HKLM\...\{9D6E1762-6C2F-4138-9D08-787666861ED0}) (Version: 1.5.7.0 - Autodesk)
Bifrost 1.5.7.0 for Maya 2019 1.5.7.0 (HKLM\...\Bifrost 1.5.7.0 for Maya 2019) (Version: - )
BitLord 2.5 (HKLM-x32\...\BitLord) (Version: 2.4.5-316 - House of Life)
Blender (HKLM\...\{B1DF3793-1651-4AE5-9CA0-E845DD8B526B}) (Version: 2.79.0 - Blender Foundation)
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CAMotics (HKLM-x32\...\CAMotics) (Version: 1.2.0 - Cauldron Development LLC)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Cool Edit Pro 2.1 (HKLM-x32\...\Cool Edit Pro 2.1) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls 2 (HKLM-x32\...\Dark Souls 2_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
DCS World (HKLM\...\DCS World_is1) (Version: 2.5 - Eagle Dynamics)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.35 - NVIDIA Corporation) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 80.4.126 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FreeCAD 0.18.3 (HKLM\...\FreeCAD0183) (Version: 0.18.3 - FreeCAD Team)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
GIMP 2.10.8 (HKLM\...\GIMP-2_is1) (Version: 2.10.8 - The GIMP Team)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.15 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Grand Theft Auto V_is1) (Version: 1.0.350.1 - Rockstar)
Inkscape 0.92.4 (HKLM-x32\...\Inkscape) (Version: 0.92.4 - Inkscape Project)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1039 - Intel Corporation)
Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel)
Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{4FA94F64-1A00-4426-BF58-D08EB592CE1B}) (Version: 3.4.2095 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
KiCad 5.1.4_1 (HKLM-x32\...\KiCad) (Version: 5.1.4_1 - KiCad)
Kingdom Come Deliverance (HKLM-x32\...\Kingdom Come Deliverance_is1) (Version: - )
K-Lite Mega Codec Pack 14.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.5.5 - KLCP)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
Metal.Gear.Solid.V.The.Phantom.Pain-ALI213 verze 1.10 (HKLM-x32\...\{AB06B397-689B-4FD6-9EB9-22030005D845}}_is1) (Version: 1.10 - Ali213.net)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.11929.20254 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 69.0 (x64 cs) (HKLM\...\Mozilla Firefox 69.0 (x64 cs)) (Version: 69.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 69.0.0.7178 - Mozilla)
MtoA for Maya 2019 (HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\MtoA2019) (Version: 3.1.2 - Solid Angle)
NahimicSettingsConfigurator (HKLM\...\{B9CE5642-0F22-4A75-B32A-98972F21C0C9}) (Version: 2.1.3301 - ASUSTeKcomputer.Inc) Hidden
NiceHash Miner 2 0.3.1 (only current user) (HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\08059810-bc78-5c10-942c-2092eebb5ec8) (Version: 0.3.1 - H-BIT d.o.o.)
NVIDIA Ovladač HD audia 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 425.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 425.31 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11929.20254 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20254 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20254 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11929.20254 - Microsoft Corporation) Hidden
Opera Stable 63.0.3368.71 (HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\Opera 63.0.3368.71) (Version: 63.0.3368.71 - Opera Software)
Ovládací panel NVIDIA 425.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 425.31 - NVIDIA Corporation) Hidden
PhotoVCarve 1.1 (HKLM-x32\...\PhotoVCarve) (Version: 1.1 - Vectric Ltd)
Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 3.7.0.1280 - GOG.com)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.10.89 - Autodesk)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.18958 - Kakao Corp.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.6 - Power Software Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
ROG Game First III (HKLM-x32\...\{0C6E32E1-31D9-49F1-B67F-2941994002D5}) (Version: 1.00.31 - ASUSTeK Computer Inc.)
Sekiro Shadows Die Twice version final (HKLM-x32\...\Sekiro Shadows Die Twice_is1) (Version: final - The)
Skype verze 8.51 (HKLM-x32\...\Skype_is1) (Version: 8.51 - Skype Technologies S.A.)
SolidCAM2017 (HKLM-x32\...\{19F811C2-2A40-4274-A05D-87D309CD953A}) (Version: 17.00.0 - SolidCAM)
SOLIDWORKS 2017 Czech Resources (HKLM\...\{78844951-4F4F-4657-9BAF-28BE043B28D5}) (Version: 25.110.49 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2017 SP01 (HKLM\...\{BB965FD0-077F-4CA4-BFD1-39FFEFF15770}) (Version: 25.110.49 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2017 SP01 (HKLM-x32\...\SolidWorks Installation Manager 20170-40100-1100-100) (Version: 25.1.0.49 - SolidWorks Corporation)
SOLIDWORKS Composer Player 2017 SP01 (HKLM\...\{2F5D372A-EE3F-4201-8899-AA717AB91110}) (Version: 25.10.49 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2017 SP01 (HKLM\...\{26F45A5C-4EA2-4608-BB29-2F66FC8C85B5}) (Version: 17.1.0083 - Společnost Dassault Systemes SolidWorks Corp) Hidden
SolidWorks Explorer 2014 SP01 x64 Edition (HKLM\...\{0C10FAF1-35D5-416A-B7C1-4168ED9485FA}) (Version: 22.10.44 - SolidWorks Corporation) Hidden
SOLIDWORKS Explorer 2017 SP01 (HKLM\...\{41487B2B-99A9-4E1B-90A3-433F6C228C72}) (Version: 25.10.49 - Společnost Dassault Systemes SolidWorks Corp) Hidden
SolidWorks Plastics 2014 SP01 x64 Edition (HKLM\...\{104E8BAF-2E2A-4467-A5C0-92ED92F26547}) (Version: 22.10.44 - SolidWorks Corporation) Hidden
SOLIDWORKS Simulation Worker Agent 2017 SP01 (HKLM\...\{10E5D94E-A434-4157-BFE2-A3C7B7C7F49F}) (Version: 25.10.49 - Název společnosti:) Hidden
Sonic Studio Plugin (HKLM\...\{E6A187B7-0949-4AAE-BF6B-579FD3F6E55D}) (Version: 2.1.3301 - ASUSTeKcomputer.Inc) Hidden
SpaceEngine verze 0.9.8.0 (HKLM-x32\...\{6E7A40FA-86CE-4844-A7DC-F8769F21A62F}_is1) (Version: 0.9.8.0 - SpaceEngine)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellarium 0.18.1 (HKLM\...\Stellarium_is1) (Version: 0.18.1 - Stellarium team)
Substance in Maya 1.4.0-2019 (HKLM-x32\...\{6D88D6DA-B70D-46BE-9393-BC4F7F0D1D60}_is1) (Version: 1.4.0 - Allegorithmic, Inc.)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{7C070E60-8769-4763-BBD8-7537A28A60D4}) (Version: 1.10.0.0 - Microsoft Corporation) Hidden
VMware Workstation (HKLM\...\{E374BA09-9CD0-4F58-90EE-F8C1488BC81E}) (Version: 14.0.0 - VMware, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment)
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)
Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.147.500.0_x86__kgqvnymyfvs32 [2019-09-09] (king.com)
Good Plan -> C:\Program Files\WindowsApps\51248Raximus.Dobryplan_2.0.12.0_x64__j74bw2d00ynqy [2018-05-02] (Raximus) [MS Ad]
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-13] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Microsoft Phone Companion -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-13] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-08-28] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Power Planner -> C:\Program Files\WindowsApps\61442BareBonesDev.PowerPlanner_1909.12.2.0_x64__5ga7fac6nanaa [2019-09-15] (BareBones Dev)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{0997411D-6B5A-4656-962D-49B2F51DAA3D}\InprocServer32 -> E:\Xara web designer\Filters\ENG\TIFFImport.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-0363C7187C99} -> [Creative Cloud Files] => C:\Users\Jirka\Creative Cloud Files [2018-08-27 14:07]
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{171740BB-DE5D-4A3B-A5DD-43D171192819}\InprocServer32 -> E:\Xara web designer\Filters\ENG\RTFfilter.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{34F47C85-7AD2-4584-8C2C-8E3C90CD7DEE}\InprocServer32 -> E:\Xara web designer\Filters\ENG\PSDFilter.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{3E2079FE-4DB5-4914-B9A0-FBBDA87890C0}\InprocServer32 -> E:\Xara web designer\Filters\ENG\ODPImport.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{4954639E-4AD5-4232-9FC6-753ED3E19DE1}\InprocServer32 -> E:\Xara web designer\Filters\ENG\PPImport.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{96379E3B-23DA-4F75-A23A-DBCF805CC406}\InprocServer32 -> E:\Xara web designer\Filters\ENG\DocImport\DocImport.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{C2A30267-3451-441F-93AD-8C8399CB426B}\InprocServer32 -> E:\Xara web designer\Filters\ENG\HTMLfilter.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\Jirka\AppData\Local\Autodesk\webdeploy\production\e113e9d43debbfa9688c2f48660c996392f06b10\NPreview10.dll (Autodesk, Inc. -> )
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{CB58FF31-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> "E:\Xara web designer\WebDesigner.exe" => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{CB58FF32-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> "E:\Xara web designer\WebDesigner.exe" => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{CCC4FDE7-EE88-454F-9B6E-60FD6B562289}\InprocServer32 -> E:\Xara web designer\Filters\ENG\RAWImport\RAWImport.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Jirka\Dropbox [2017-04-10 15:29]
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{E44A4F31-0C8B-42C2-A2A4-E743A0395B5F}\InprocServer32 -> E:\Xara web designer\Filters\ENG\PDFImport\PDFImport.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{E99245A1-DE06-4770-8208-B0494C933C65}\InprocServer32 -> E:\Xara web designer\Filters\ENG\SVGFilter.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{EDC4A498-53B4-496C-A750-3AABCD48A6A3}\InprocServer32 -> E:\Xara web designer\Filters\ENG\EMFFilter.dll => No File
SSODL: EldosMountNotificator-cbfs6 - {7C9078E6-5F54-498B-BA3B-7E489D223B01} - C:\WINDOWS\system32\cbfsMntNtf6.dll (EldoS Corporation -> /n software, Inc.)
SSODL-x32: EldosMountNotificator-cbfs6 - {7C9078E6-5F54-498B-BA3B-7E489D223B01} - C:\WINDOWS\SysWOW64\cbfsMntNtf6.dll (EldoS Corporation -> /n software, Inc.)
ShellServiceObjects: Virtual Storage Mount Notification -> {7C9078E6-5F54-498B-BA3B-7E489D223B01} => C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-08-03] (EldoS Corporation -> /n software, Inc.)
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {7C9078E6-5F54-498B-BA3B-7E489D223B01} => C:\WINDOWS\SysWOW64\cbfsMntNtf6.dll [2016-08-03] (EldoS Corporation -> /n software, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs6] -> {526547C9-1954-4459-9F6C-4BA57AB5CE9B} => C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-08-03] (EldoS Corporation -> /n software, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs6] -> {526547C9-1954-4459-9F6C-4BA57AB5CE9B} => C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-08-03] (EldoS Corporation -> /n software, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2013-04-15] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => E:\VMware Workstation\vmdkShellExt.dll [2017-09-18] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => E:\VMware Workstation\x64\vmdkShellExt64.dll [2017-09-18] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2013-04-15] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\igfxDTCM.dll [2018-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2013-04-15] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnet Eхрlоrеr.lnk -> C:\Users\Jirka\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <==== Cyrillic
Shortcut: C:\Users\Jirka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Мozillа Firefoх.lnk -> C:\Users\Jirka\AppData\Roaming\Browsers\exe.xoferif.bat (No File) <==== Cyrillic
==================== Loaded Modules (Whitelisted) ==============
2017-02-06 22:10 - 2015-02-09 18:53 - 000872960 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AI Charger+\AIChargerPlus.dll
2017-02-06 22:10 - 2015-09-17 11:58 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2017-02-06 22:11 - 2016-03-07 22:42 - 000082432 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\IccHelper.dll
2017-02-06 22:11 - 2016-03-07 22:42 - 000743424 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\EPU.dll
2017-02-06 22:11 - 2016-03-07 22:42 - 000091648 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll
2017-02-06 22:11 - 2015-05-21 23:57 - 001141248 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2017-02-06 22:11 - 2015-09-10 17:06 - 000237568 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2017-02-06 22:11 - 2014-02-24 18:49 - 000208896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2017-02-06 22:11 - 2015-06-26 14:50 - 000906240 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\LED Control\LEDControl.dll
2017-02-06 22:10 - 2015-09-17 11:58 - 000091648 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll
2017-02-06 22:11 - 2015-07-13 12:16 - 001341440 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Mobo Connect\MoboConnect.dll
2017-02-06 22:12 - 2013-11-20 11:10 - 000662016 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\aaHMLib.dll
2017-02-06 22:12 - 2013-07-02 11:40 - 000253952 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\pngio.dll
2017-02-06 22:09 - 2015-05-08 08:26 - 000104448 ____R () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2017-02-08 21:37 - 2016-08-02 15:05 - 000061440 _____ () [File not signed] C:\Program Files (x86)\ASUS\VGA COM\1.00.32\Exeio.dll
2017-02-08 21:37 - 2016-08-02 14:51 - 001752576 _____ () [File not signed] C:\Program Files (x86)\ASUS\VGA COM\1.00.32\Vender.dll
2016-06-01 08:49 - 2016-06-01 08:49 - 000232960 _____ () [File not signed] E:\print studio\Autodesk Print Studio\PM\spark-print-mgr\node_modules\mdns\build\Release\dns_sd_bindings.node
2016-06-01 08:49 - 2016-06-01 08:49 - 000171520 _____ () [File not signed] E:\print studio\Autodesk Print Studio\PM\spark-print-mgr\node_modules\serialport\build\serialport\v1.6.1\Release\node-v11-win32-x64\serialport.node
2016-06-01 08:51 - 2016-06-01 08:51 - 000295936 _____ () [File not signed] E:\print studio\Autodesk Print Studio\PM\spark-print-mgr\node_modules\usb\node_modules\usb-shyp-win32-x64\node-v11\usb_bindings.node
2016-06-01 08:49 - 2016-06-01 08:49 - 000144384 _____ () [File not signed] E:\print studio\Autodesk Print Studio\PM\spark-print-mgr\node_modules\usb-detection\build\Release\detection.node
2018-04-01 19:39 - 2018-04-01 19:39 - 000107520 _____ () [File not signed] E:\SolidWorks 2017\SOLIDWORKS\NETAPI32.dll
2017-02-06 22:10 - 2015-09-17 11:58 - 002109952 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\log4cxx.dll
2017-02-06 22:09 - 2015-05-08 08:26 - 000108544 ____R (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.22\ASACPI.DLL
2017-02-06 22:10 - 2015-09-17 11:58 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\ASACPI.DLL
2017-02-06 22:10 - 2015-09-17 11:58 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\asacpi.dll
2017-02-06 22:11 - 2016-03-07 22:42 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpi.dll
2017-02-08 21:38 - 2016-03-07 22:42 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.17\AsAcpi.dll
2017-02-06 22:09 - 2019-09-17 20:11 - 000037160 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2017-02-06 22:09 - 2015-05-08 08:26 - 000677376 ____R (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.22\asacpiEx.dll
2017-02-06 22:10 - 2015-09-17 11:58 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\asacpiEx.dll
2017-02-06 22:10 - 2015-09-17 11:58 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsMultiLang.dll
2017-02-06 22:10 - 2015-09-17 11:58 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\asacpiEx.dll
2017-02-06 22:11 - 2016-03-07 22:42 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\asacpiex.dll
2017-02-06 22:11 - 2016-03-07 22:42 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\AsMultiLang.dll
2017-02-06 22:11 - 2016-03-07 22:42 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpiex.dll
2017-02-06 22:11 - 2015-07-13 12:16 - 000114688 _____ (ASUSTek Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Mobo Connect\AndroidOpenAccessory.dll
2017-02-06 22:12 - 2013-11-20 11:10 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\AsMultiLang.dll
2017-02-06 22:12 - 2014-07-25 16:46 - 001328128 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotice.dll
2017-02-06 22:12 - 2015-06-19 00:46 - 001087488 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\System Information\SystemInfo.dll
2017-02-06 22:12 - 2010-03-08 18:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\AsMultiLang.dll
2017-02-06 22:12 - 2015-03-12 15:48 - 000901120 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\Express.dll
2017-02-08 21:38 - 2016-03-07 22:42 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.17\asacpiEx.dll
2018-01-18 23:55 - 2012-03-14 06:00 - 000385024 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLMAQ.DLL
2017-02-06 22:10 - 2015-09-17 11:58 - 001864192 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\platforms\qwindowsd.dll
2017-02-06 22:10 - 2015-09-17 11:58 - 008492544 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Cored.dll
2017-02-06 22:10 - 2015-09-17 11:58 - 009202688 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Guid.dll
2017-02-06 22:10 - 2015-09-17 11:58 - 008172032 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Widgetsd.dll
2017-02-06 22:10 - 2015-09-17 11:58 - 000316928 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Xmld.dll
2018-04-30 03:42 - 2020-02-03 10:02 - 001098240 _____ (SafeNet Inc.) [File not signed] C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\haspvlib_42011.dll
2017-02-06 22:10 - 2015-09-17 11:58 - 021529088 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\icudt53.dll
2017-02-06 22:10 - 2015-09-17 11:58 - 001982976 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\icuin53.dll
2017-02-06 22:10 - 2015-09-17 11:58 - 001355264 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\icuuc53.dll
2018-04-06 20:29 - 2018-04-06 20:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll
2018-04-06 20:29 - 2018-04-06 20:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\ssleay32.dll
2017-02-08 21:37 - 2016-11-04 10:53 - 000204288 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\VGA COM\1.00.32\AsusGpuTweak.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Jirka\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Jirka\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Public\AppData:CSM [474]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 15:46 - 2019-01-04 15:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Common Files\Autodesk Shared\
HKCU\Environment\\Path -> C:\Users\Jirka\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jirka\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\69265425_3523415687684026_7490753148424814592_o.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\StartupFolder: => "SolidWorks Nástroj pro stahování na pozadí.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "ASUS Media Streamer DMS"
HKLM\...\StartupApproved\Run32: => "ASUS Media Streamer WSAgent"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "ASUSRAMCACHE"
HKLM\...\StartupApproved\Run32: => "ASUS Media Streamer ShareEdit"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\StartupApproved\Run: => "Windows Defender"
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\StartupApproved\Run: => "SpyEmergency"
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\StartupApproved\Run: => "MinerGateGui"
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\StartupApproved\Run: => "Hansoft Client"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{CC05484C-B396-47C7-9C23-64F73A9A6966}] => (Allow) C:\WINDOWS\system32\hasplms.exe (SafeNet, Inc. -> SafeNet Inc.)
FirewallRules: [UDP Query User{14994BD9-F8D9-4A9D-8C27-84E36027D5E6}C:\program files (x86)\remote control server\remote control server.exe] => (Allow) C:\program files (x86)\remote control server\remote control server.exe No File
FirewallRules: [TCP Query User{CFD632A0-818A-4B6E-A1B4-6A187677CF5B}C:\program files (x86)\remote control server\remote control server.exe] => (Allow) C:\program files (x86)\remote control server\remote control server.exe No File
FirewallRules: [{A18333F9-4B8E-4802-BF8F-E58FC52F3D28}] => (Allow) C:\Program Files (x86)\ASUS\ROG Game First III\gameFirst3.exe (ASUSTeK Computer Inc. -> )
FirewallRules: [{8D74237C-FF0D-4A23-B338-727FE45A9A5F}] => (Allow) C:\Program Files (x86)\ASUS\ROG Game First III\gameFirst3.exe (ASUSTeK Computer Inc. -> )
FirewallRules: [{430B8244-2D92-4181-8B4C-577B19423992}] => (Allow) C:\Windows\SysWOW64\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{75254D3A-C9D1-4900-B1D5-9EFD24D2C762}] => (Allow) C:\Windows\SysWOW64\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7923C41C-6C42-4C5F-9530-A2D1802E96F5}] => (Allow) C:\Windows\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E32AD49B-A34F-4ACE-BF7F-8D47799FFADB}] => (Allow) C:\Windows\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{91C673FF-CB71-4DE6-BBAB-F7F45589FB66}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{4E1B814D-836D-48C7-B5C1-1E84C434758B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{38F0A8CD-1175-4984-9FFB-CF4DAC8EF62B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{AD4EA3B5-89FA-421E-BF9D-4A62B4EAB144}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{65A14321-DC82-43B3-8BF4-6E790A0AC32A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe No File
FirewallRules: [TCP Query User{257A905D-F96E-4E8A-88F7-1B3045D85645}C:\users\jirka\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jirka\appdata\local\akamai\netsession_win.exe No File
FirewallRules: [UDP Query User{5B0FA166-9C5C-4F16-A54D-5F5245AB2AD0}C:\users\jirka\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jirka\appdata\local\akamai\netsession_win.exe No File
FirewallRules: [TCP Query User{FE93DE3E-56CB-4B9C-8874-54B9FB57636A}C:\users\jirka\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\jirka\appdata\local\akamai\netsession_win.exe No File
FirewallRules: [UDP Query User{CAE56EA4-44F1-4AA4-9184-93935CA004C7}C:\users\jirka\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\jirka\appdata\local\akamai\netsession_win.exe No File
FirewallRules: [{1011121D-5E85-41CB-A3FC-DB356CAE8A80}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{13082B9A-2971-4971-B427-9786CC8F0767}C:\program files\autodesk\motionbuilder 2016\bin\x64\motionbuilder.exe] => (Allow) C:\program files\autodesk\motionbuilder 2016\bin\x64\motionbuilder.exe No File
FirewallRules: [UDP Query User{61850BF3-7FD6-42F7-8327-DD7A1AEF7C7F}C:\program files\autodesk\motionbuilder 2016\bin\x64\motionbuilder.exe] => (Allow) C:\program files\autodesk\motionbuilder 2016\bin\x64\motionbuilder.exe No File
FirewallRules: [{3E7957DB-4671-4C84-BC5B-26A03BBE6E76}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BB555538-FAB9-415B-BD49-9A2E5DB59525}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{71B94EA1-F7CE-432C-B86E-44A3DB39A97F}C:\program files (x86)\remote control server\remote control server.exe] => (Allow) C:\program files (x86)\remote control server\remote control server.exe No File
FirewallRules: [UDP Query User{242C97C2-B7C3-4124-8161-47E79115B454}C:\program files (x86)\remote control server\remote control server.exe] => (Allow) C:\program files (x86)\remote control server\remote control server.exe No File
FirewallRules: [{10DF7F78-9AF7-47B6-9D12-1D3D1B21DC75}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{17659BC9-DA1E-465D-A9BD-C63EC18A3A89}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E5CD985D-6566-43BF-8EDE-ACA89DEAA082}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{42D7110D-B6DA-4747-B27E-C788C81C2D5F}C:\program files\autodesk\motionbuilder 2015\bin\x64\motionbuilder.exe] => (Allow) C:\program files\autodesk\motionbuilder 2015\bin\x64\motionbuilder.exe No File
FirewallRules: [UDP Query User{766896E4-AD49-45E2-B220-EE362A811F5A}C:\program files\autodesk\motionbuilder 2015\bin\x64\motionbuilder.exe] => (Allow) C:\program files\autodesk\motionbuilder 2015\bin\x64\motionbuilder.exe No File
FirewallRules: [TCP Query User{AFA6648B-58F9-41B7-ACDD-94C039968840}C:\program files\autodesk\motionbuilder 2017\bin\x64\motionbuilder.exe] => (Allow) C:\program files\autodesk\motionbuilder 2017\bin\x64\motionbuilder.exe No File
FirewallRules: [UDP Query User{9F433FA4-B5C5-4461-A46F-5BA86BA3D72F}C:\program files\autodesk\motionbuilder 2017\bin\x64\motionbuilder.exe] => (Allow) C:\program files\autodesk\motionbuilder 2017\bin\x64\motionbuilder.exe No File
FirewallRules: [TCP Query User{5C1358D7-DDC4-4264-989E-4086AF636224}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [UDP Query User{2A41B037-6D1A-40CD-90A6-76732370A683}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [TCP Query User{19E7676D-5836-4841-A70F-889809ECCE97}E:\maya\maya2017\bin\maya.exe] => (Allow) E:\maya\maya2017\bin\maya.exe No File
FirewallRules: [UDP Query User{232F024F-4E91-4DEE-ABCF-C0477687B95D}E:\maya\maya2017\bin\maya.exe] => (Allow) E:\maya\maya2017\bin\maya.exe No File
FirewallRules: [TCP Query User{CD8DBDBD-151A-4725-B09C-64F14AC28D1F}D:\total.war.shogun.2.complete-kaos\shogun2.exe] => (Allow) D:\total.war.shogun.2.complete-kaos\shogun2.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd) [File not signed]
FirewallRules: [UDP Query User{7BB2320D-0AD7-4FA9-BFFB-E59478C830AC}D:\total.war.shogun.2.complete-kaos\shogun2.exe] => (Allow) D:\total.war.shogun.2.complete-kaos\shogun2.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd) [File not signed]
FirewallRules: [TCP Query User{4B60FB03-9942-412D-B643-F6E95BEDF3E1}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe No File
FirewallRules: [UDP Query User{25D1AF24-3252-4A56-8FE1-D096390DC308}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe No File
FirewallRules: [TCP Query User{36993257-B96F-4E64-A258-A50CB4E1BF56}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe No File
FirewallRules: [UDP Query User{77893253-C181-4A31-A23F-17963852DA62}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe No File
FirewallRules: [TCP Query User{F84BE87F-BBE2-4ECD-A015-26E82BCC5799}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{E9A3ADED-CD9D-4D84-90CC-58324B94EF65}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [{4DE3B5B3-4EF3-4D3E-BE82-40D1272706A8}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{39CB39A2-6E54-463F-A951-3C6BA529919A}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{CDE9C52F-72E7-4B9E-94D0-FF9FED71558F}C:\program files\autodesk\motionbuilder 2017\bin\x64\motionbuilder.exe] => (Allow) C:\program files\autodesk\motionbuilder 2017\bin\x64\motionbuilder.exe No File
FirewallRules: [UDP Query User{34720ECA-2895-4F48-B8EA-A6B25F8BD35B}C:\program files\autodesk\motionbuilder 2017\bin\x64\motionbuilder.exe] => (Allow) C:\program files\autodesk\motionbuilder 2017\bin\x64\motionbuilder.exe No File
FirewallRules: [{579648C9-13D7-436E-A73A-302938092FC2}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{32CDEF4C-FA5F-432C-9212-53ADF7C9E05F}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{7C41AEC9-1E5E-4A53-9F28-C30AFFE7B34E}E:\monacoin\monacoin-qt.exe] => (Allow) E:\monacoin\monacoin-qt.exe No File
FirewallRules: [UDP Query User{9ABDC56A-C2F1-43CF-9E7E-9FAD84A1BE52}E:\monacoin\monacoin-qt.exe] => (Allow) E:\monacoin\monacoin-qt.exe No File
FirewallRules: [TCP Query User{906ACE46-BE6E-4973-876B-40C515C85F8C}F:\trezarcoin\trezarcoin-qt.exe] => (Allow) F:\trezarcoin\trezarcoin-qt.exe No File
FirewallRules: [UDP Query User{87F642A6-C769-4223-9B43-1DA4CF06CBA1}F:\trezarcoin\trezarcoin-qt.exe] => (Allow) F:\trezarcoin\trezarcoin-qt.exe No File
FirewallRules: [{D9D06082-EE9A-4569-A034-B7916CA95799}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{5F3993A9-2ADC-4D92-8E7A-3B24C4190FA5}D:\prey\binaries\danielle\x64\release\prey.exe] => (Allow) D:\prey\binaries\danielle\x64\release\prey.exe No File
FirewallRules: [UDP Query User{CD3F961A-01F0-46DE-A893-8FD1AE24B525}D:\prey\binaries\danielle\x64\release\prey.exe] => (Allow) D:\prey\binaries\danielle\x64\release\prey.exe No File
FirewallRules: [TCP Query User{762F5CD2-7DFE-4061-9C44-CC6AF64EAAD9}E:\nicehash advanced\bin\xmr-stak\xmr-stak.exe] => (Allow) E:\nicehash advanced\bin\xmr-stak\xmr-stak.exe () [File not signed]
FirewallRules: [UDP Query User{09939E35-72C2-4D06-8599-EBC1BCE1808C}E:\nicehash advanced\bin\xmr-stak\xmr-stak.exe] => (Allow) E:\nicehash advanced\bin\xmr-stak\xmr-stak.exe () [File not signed]
FirewallRules: [TCP Query User{EE171DEB-9E84-447E-9F7F-19BB1F61CD7C}E:\nicehash advanced\bin\xmrig\xmrig.exe] => (Allow) E:\nicehash advanced\bin\xmrig\xmrig.exe (www.xmrig.com) [File not signed]
FirewallRules: [UDP Query User{A100E497-C0FF-4A3A-8F18-C7C38E6B2464}E:\nicehash advanced\bin\xmrig\xmrig.exe] => (Allow) E:\nicehash advanced\bin\xmrig\xmrig.exe (www.xmrig.com) [File not signed]
FirewallRules: [TCP Query User{CAD4626E-27AC-4A5E-B68E-BB20350FFD54}C:\users\jirka\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\jirka\appdata\local\gamecenter\gamecenter.exe No File
FirewallRules: [UDP Query User{E2E5B9C1-25BB-49F6-BDC1-3C7EBD66D702}C:\users\jirka\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\jirka\appdata\local\gamecenter\gamecenter.exe No File
FirewallRules: [TCP Query User{B5BEB195-FFF4-46CA-92B5-D3BDD231AEFB}D:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) D:\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{6D70B8FF-9FD4-400B-B36C-8B6E0C814C3F}D:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) D:\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [TCP Query User{54C00440-7098-40C5-A23F-C0A8CD318501}D:\armored warfare\armored warfare mycom\bin64\armoredwarfare.exe] => (Allow) D:\armored warfare\armored warfare mycom\bin64\armoredwarfare.exe No File
FirewallRules: [UDP Query User{D4730EB1-CC1B-42DF-B907-9A0A31E825F9}D:\armored warfare\armored warfare mycom\bin64\armoredwarfare.exe] => (Allow) D:\armored warfare\armored warfare mycom\bin64\armoredwarfare.exe No File
FirewallRules: [TCP Query User{16F60D61-DF50-4855-A61F-7A1D0EA1C567}D:\prey\binaries\danielle\x64\release\prey.exe] => (Allow) D:\prey\binaries\danielle\x64\release\prey.exe No File
FirewallRules: [UDP Query User{D9B71138-31D9-4EAC-A707-740C3C9F759C}D:\prey\binaries\danielle\x64\release\prey.exe] => (Allow) D:\prey\binaries\danielle\x64\release\prey.exe No File
FirewallRules: [TCP Query User{53736F6C-376F-42BF-85BF-0BA8B1495E1C}D:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) D:\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{8A1CC0BC-546A-459B-9924-29722C82D9AF}D:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) D:\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [TCP Query User{01544853-43DB-45C1-94FE-38B0D3910725}D:\grand theft auto v\gta5.exe] => (Block) D:\grand theft auto v\gta5.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{05068FCE-5803-4729-9853-2B24B87ACC9F}D:\grand theft auto v\gta5.exe] => (Block) D:\grand theft auto v\gta5.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{168DC2D3-92DE-4FF2-8BE0-9915ACC8E926}E:\motionbuilder 2018\bin\x64\motionbuilder.exe] => (Allow) E:\motionbuilder 2018\bin\x64\motionbuilder.exe No File
FirewallRules: [UDP Query User{F0982ABA-805C-4F05-84CA-948CDF6E26F2}E:\motionbuilder 2018\bin\x64\motionbuilder.exe] => (Allow) E:\motionbuilder 2018\bin\x64\motionbuilder.exe No File
FirewallRules: [TCP Query User{9A4A41AF-AD86-4CB7-BE68-4C084B363BE4}E:\solidworks 2017\solidworks\photoview\photoview360.exe] => (Allow) E:\solidworks 2017\solidworks\photoview\photoview360.exe (The Foundry Visionmongers Ltd. -> )
FirewallRules: [UDP Query User{1FB98924-2F48-486E-A64C-5B42D2DBDE53}E:\solidworks 2017\solidworks\photoview\photoview360.exe] => (Allow) E:\solidworks 2017\solidworks\photoview\photoview360.exe (The Foundry Visionmongers Ltd. -> )
FirewallRules: [{A6F94A26-C517-439D-AB0F-06C04B8A80AE}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{768FC3C9-672B-4323-BB95-556833D244CB}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{751C527F-9CF5-4BD6-B9CE-A69EC3EEEB8A}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{157ECEB0-2014-4FC7-A549-FF2930F7F498}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E3120685-DBD4-4D2C-9A02-D725AE57B054}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{A7F709D4-4477-4E4C-977D-5F3FDFC2C554}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [TCP Query User{80E28F4C-4981-434C-B77E-E02DCF16823B}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{EF872711-A2EC-4D43-90C6-DCB2680057F2}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [{F0188AF8-647B-4F9B-B2F7-C057867D6A1E}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B67BDA96-DF12-48B0-BFE1-173C3307444B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A46ACAED-D94F-4ADF-965D-FF032D39624F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{61F28BCD-80B3-4EF3-8D8B-9520FC563C14}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{4A6010CF-C72A-4020-BDD8-96FB410CE8A6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{3A79EB7D-7420-41C1-A247-F8503D7EFCA5}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C2A3B3F6-7D81-4FA8-BCE9-6D783A351543}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{322D21D4-A287-4003-AD54-23ECAF45B0BF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{3C0CC0D4-693D-469B-B796-D5E03F1259EE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{377A2ED9-7C84-43CE-BF67-2E89D0DBFE0E}D:\alien isolation\ai.exe] => (Allow) D:\alien isolation\ai.exe No File
FirewallRules: [UDP Query User{47E0F721-9D4D-458F-80EC-E10B072FC568}D:\alien isolation\ai.exe] => (Allow) D:\alien isolation\ai.exe No File
FirewallRules: [{A1BDDB48-4073-4CAE-AB30-1C7FFD929C2F}] => (Allow) E:\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{067737A7-349E-4DFE-A390-A307262538B6}] => (Allow) E:\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{7DBCE48F-BE3B-41DD-8F45-4C0CB0E37B0B}] => (Allow) E:\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{966596D1-DF63-4B32-8395-24200B4BFC05}] => (Allow) E:\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{AB060674-16EC-4078-A6E8-889F2C425437}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{44D441A7-0E3C-4114-A276-FAD9D5B9ACD6}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{3F1314FB-3C4E-47C1-B5E9-0B1374BA3303}C:\users\jirka\appdata\local\temp\rar$exa0.571\electroneumd.exe] => (Allow) C:\users\jirka\appdata\local\temp\rar$exa0.571\electroneumd.exe No File
FirewallRules: [UDP Query User{6333312D-BA52-4E0E-9E31-2B7B7B64C734}C:\users\jirka\appdata\local\temp\rar$exa0.571\electroneumd.exe] => (Allow) C:\users\jirka\appdata\local\temp\rar$exa0.571\electroneumd.exe No File
FirewallRules: [{72210114-F1C5-4504-98ED-BD82098B1801}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{42645B12-49D1-4759-96B3-DF794298126E}] => (Allow) D:\Assassin's Creed IV Black Flag\AC4BFSP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{AEB781CB-268F-4E94-BB1A-85AB9A21EBBF}] => (Allow) D:\Assassin's Creed IV Black Flag\AC4BFSP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{EACCB359-875D-4B8F-8ABA-C57B5FD02CC9}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{18D1A561-79C5-4E0D-A0C6-F96652561F8B}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{F79C4105-4F0E-4797-B882-554BBC3231CD}D:\starcraft ii\versions\base69232\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base69232\sc2_x64.exe No File
FirewallRules: [UDP Query User{5B782376-8457-4403-83C0-5A34C8308A6E}D:\starcraft ii\versions\base69232\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base69232\sc2_x64.exe No File
FirewallRules: [{7786E320-54EB-406D-9409-6D860C38179E}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{BBBA785F-4112-41E5-BAC9-6CFAE7752E8D}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E9BAF57E-6295-4795-AE7F-54840CED39A9}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{BA43BA5E-3FAB-40E2-AA6D-F73A009C3262}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{4694A910-56CB-41F2-BFC0-E5791B8CFE33}D:\star citizen\starcitizen\live\bin64\starcitizen.exe] => (Allow) D:\star citizen\starcitizen\live\bin64\starcitizen.exe No File
FirewallRules: [UDP Query User{1DBBF016-81FD-4BD9-862B-72E0792A32FB}D:\star citizen\starcitizen\live\bin64\starcitizen.exe] => (Allow) D:\star citizen\starcitizen\live\bin64\starcitizen.exe No File
FirewallRules: [{13A80E5C-1E74-48CC-B7E5-1EAA546A264E}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{730CCC1C-0318-4FBF-B9E1-FC71A8AE4B2F}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F5BBF239-E35E-4EA3-9034-43423C6C326F}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{D8170029-56A3-45C7-9B7A-0FE7762023F4}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{17885E0E-E642-461F-B4C5-C80AE03F3393}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{AD032AA1-D0A4-4E8D-8567-94C001702D31}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{81280EB7-0F8C-43AE-B706-60B9E9F1E839}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{85A7DE0A-71C5-43D7-8D6D-A7DC19612732}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B6369CE8-6AFA-4E87-B70D-62FA361B7083}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{FA0B90F1-35EA-429B-B0C9-5BD6B957A8CA}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{9826C011-4CC4-48EA-86A9-6E5770D8FD17}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{1D2A6EB7-A491-4C90-91D5-C98BB42833C7}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{0DEDDBEE-E9AA-4A2F-ADA7-A79444EC8DDD}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3FB93DF1-69B3-4E0A-A58C-FD84B32FE986}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8717E4C3-4A87-45F5-BA2D-CE5B8B783885}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{613BEE60-C7A4-43B6-A0DB-1D1949D61B4D}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{57D004D6-EAC2-4126-981C-381947048420}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{06E7A2D8-FC5F-4D93-BFCE-432412FEC5E0}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{EF2A1DC7-081E-49DD-BAC5-191BB9520B87}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{CA6E2771-B19D-40D6-A3E9-29E861B61128}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{27581E84-30CB-4000-AE99-34AD611ACFA9}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{04FA1E0A-A302-453A-BEE6-8D5208B32A54}C:\program files (x86)\solarwinds\free tools\tftp-server.exe] => (Allow) C:\program files (x86)\solarwinds\free tools\tftp-server.exe No File
FirewallRules: [UDP Query User{E74ED963-33E7-4D04-B529-471ECCD65852}C:\program files (x86)\solarwinds\free tools\tftp-server.exe] => (Allow) C:\program files (x86)\solarwinds\free tools\tftp-server.exe No File
FirewallRules: [TCP Query User{BE2E03E0-1A2B-4F7D-9E9C-128C0A34C9BC}C:\program files (x86)\cesarftp\server.exe] => (Block) C:\program files (x86)\cesarftp\server.exe No File
FirewallRules: [UDP Query User{D29CE9DC-5F5C-4D31-AE6D-F1FF81195E9F}C:\program files (x86)\cesarftp\server.exe] => (Block) C:\program files (x86)\cesarftp\server.exe No File
FirewallRules: [{9D8C9EA1-816E-4DCC-A042-686493D0455C}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{16795300-3D8B-489B-964C-305351601F91}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1AB5677D-C676-46CD-B75A-F8176D7FCEC1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{81B785CC-6547-49D9-BD56-EB3BCC64706E}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{178980A5-03CE-4E3C-9A94-4BE8C109EE5B}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{CFD3AFCB-5135-4213-81D5-628FA1FA3F0D}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{ACAAF10C-DBE4-4D55-A4E1-D7ACEB5AFDED}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{B01E88D5-1D32-47F9-937C-DECB6FC53041}D:\dcs\dcs world\bin\dcs_updater.exe] => (Allow) D:\dcs\dcs world\bin\dcs_updater.exe (The Fighter Collection -> Eagle Dynamics)
FirewallRules: [UDP Query User{73956CA4-E264-4DC3-9849-8077E3CD26D1}D:\dcs\dcs world\bin\dcs_updater.exe] => (Allow) D:\dcs\dcs world\bin\dcs_updater.exe (The Fighter Collection -> Eagle Dynamics)
FirewallRules: [{628C8E1D-D000-44AA-BABE-B21B91CE1360}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{AF961055-423B-489E-9948-80C46A4488BF}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C97CF50F-9765-446A-AC09-A3AD6D25A6A0}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F6229EE2-FE56-4086-9F2C-5AF1FC10E3B5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{718DDD9E-79C2-47EB-B921-641D6F075C68}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0C6E96EF-08C4-409E-B47C-74DC73EB4C51}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{F4D9D9D8-1644-43EA-847B-96533112071C}D:\starcraft ii\versions\base75800\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base75800\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{AA55040C-4A37-44BE-8349-68D0A0BFE342}D:\starcraft ii\versions\base75800\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base75800\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{61A3E9F1-9357-4664-A7F6-11270E371EF9}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [TCP Query User{3945D1A2-BA49-4BA1-A718-670D51FA689C}D:\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) D:\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{0B56D395-98A3-4EAC-9AB0-596190B3C9DF}D:\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) D:\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{C503B5A0-A9DD-41A2-AE0F-F6FF56E9E62E}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{283DAD63-1432-4AB9-9706-334DDBC3C4A8}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{72CD4523-1B1E-46DD-B1D8-67607D08204A}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{3BEF19E3-80A5-4C7E-AC7A-CD8DAEC0EE34}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{8C7A9804-1422-41D5-A5A1-6C63096D7134}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{74025E28-A73F-4969-8F95-1D148FAD504C}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{2898E0B4-6D53-4C24-A1C3-E1459D8EAD6D}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:97.19 GB) (Free:14.98 GB) (15%)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/18/2019 07:41:57 AM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: Službě Windows Search se nepodařilo vytvořit nový vyhledávací index. Došlo k vnitřní chybě <8, 0x8007000f, Nepodařilo se najít aplikaci pro získávání dat: Windows>.
Error: (09/18/2019 07:41:48 AM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: Službě Windows Search se nepodařilo vytvořit nový vyhledávací index. Došlo k vnitřní chybě <8, 0x8007000f, Nepodařilo se najít aplikaci pro získávání dat: Windows>.
Error: (09/18/2019 07:41:38 AM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: Službě Windows Search se nepodařilo vytvořit nový vyhledávací index. Došlo k vnitřní chybě <8, 0x8007000f, Nepodařilo se najít aplikaci pro získávání dat: Windows>.
Error: (09/18/2019 07:41:33 AM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: Službě Windows Search se nepodařilo vytvořit nový vyhledávací index. Došlo k vnitřní chybě <8, 0x8007000f, Nepodařilo se najít aplikaci pro získávání dat: Windows>.
Error: (09/18/2019 07:41:28 AM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: Službě Windows Search se nepodařilo vytvořit nový vyhledávací index. Došlo k vnitřní chybě <8, 0x8007000f, Nepodařilo se najít aplikaci pro získávání dat: Windows>.
Error: (09/18/2019 07:39:11 AM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: Službě Windows Search se nepodařilo vytvořit nový vyhledávací index. Došlo k vnitřní chybě <8, 0x8007000f, Nepodařilo se najít aplikaci pro získávání dat: Windows>.
Error: (09/18/2019 07:37:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LegacyCsLoaderService.exe, verze: 1.9.6.80, časové razítko: 0x58059006
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.799, časové razítko: 0x08a3d2a4
Kód výjimky: 0x40000015
Posun chyby: 0x000000000003a388
ID chybujícího procesu: 0xe08
Čas spuštění chybující aplikace: 0x01d56d83461f9c47
Cesta k chybující aplikaci: C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: adfc988e-734e-4aa1-b518-46562ee0fc35
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (09/18/2019 07:37:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IntelTechnologyAccessService.exe, verze: 1.9.6.80, časové razítko: 0x58058ff0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.799, časové razítko: 0x08a3d2a4
Kód výjimky: 0x40000015
Posun chyby: 0x000000000003a388
ID chybujícího procesu: 0xdbc
Čas spuštění chybující aplikace: 0x01d56d83461d6fd7
Cesta k chybující aplikaci: C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: a8a5629f-ffb0-4077-9a53-e914acf7eb18
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (09/18/2019 07:41:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Search byla neočekávaně ukončena. Tento stav nastal již 28krát.
Error: (09/18/2019 07:41:58 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Search byla ukončena s následující chybou:
Systém nemůže nalézt uvedenou jednotku.
Error: (09/18/2019 07:41:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Search byla neočekávaně ukončena. Tento stav nastal již 27krát.
Error: (09/18/2019 07:41:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Search byla ukončena s následující chybou:
Systém nemůže nalézt uvedenou jednotku.
Error: (09/18/2019 07:41:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Search byla neočekávaně ukončena. Tento stav nastal již 26krát.
Error: (09/18/2019 07:41:38 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Search byla ukončena s následující chybou:
Systém nemůže nalézt uvedenou jednotku.
Error: (09/18/2019 07:41:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Search byla neočekávaně ukončena. Tento stav nastal již 25krát.
Error: (09/18/2019 07:41:33 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Search byla ukončena s následující chybou:
Systém nemůže nalézt uvedenou jednotku.
CodeIntegrity:
===================================
Date: 2019-09-18 07:43:33.486
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-18 07:43:33.481
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-18 07:43:33.409
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-18 07:43:33.403
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-17 23:09:49.181
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-17 23:09:49.179
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-17 20:11:06.433
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-15 22:57:10.560
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 2003 09/19/2016
Motherboard: ASUSTeK COMPUTER INC. Z170 PRO GAMING
Processor: Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
Percentage of memory in use: 29%
Total physical RAM: 16274.71 MB
Available physical RAM: 11485.36 MB
Total Virtual: 19986.71 MB
Available Virtual: 14131.59 MB
==================== Drives ================================
Drive c: (SYSTEM) (Fixed) (Total:97.19 GB) (Free:14.98 GB) NTFS
Drive d: (HRY) (Fixed) (Total:984.11 GB) (Free:69.74 GB) NTFS
Drive e: (SOFTWARE) (Fixed) (Total:134.74 GB) (Free:43.05 GB) NTFS
Drive f: (DATA) (Fixed) (Total:585.94 GB) (Free:59.59 GB) NTFS
Drive g: (MOGC) (Fixed) (Total:292.97 GB) (Free:241.56 GB) NTFS
\\?\Volume{0aa624b1-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{0aa624b1-0000-0000-0000-506b18000000}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 0AA624B1)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=478 MB) - (Type=27)
Partition 4: (Not Active) - (Size=134.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 3E4A63B1)
Partition 1: (Not Active) - (Size=984.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=585.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Ran by Jirka (18-09-2019 07:44:46)
Running from C:\Users\Jirka\Desktop
Windows 10 Home Version 1803 17134.829 (X64) (2018-05-18 17:32:46)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2116198513-1858420317-1968113610-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2116198513-1858420317-1968113610-503 - Limited - Disabled)
Guest (S-1-5-21-2116198513-1858420317-1968113610-501 - Limited - Disabled)
Jirka (S-1-5-21-2116198513-1858420317-1968113610-1001 - Administrator - Enabled) => C:\Users\Jirka
WDAGUtilityAccount (S-1-5-21-2116198513-1858420317-1968113610-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2018 (HKLM-x32\...\AME_12_1_2) (Version: 12.1.2 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_1_2) (Version: 12.1.2 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.01.26 - ASUSTeK Computer Inc.)
ARMA 3 (HKLM-x32\...\QVJNQTM=_is1) (Version: 1 - )
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.33.1 - Asmedia Technology)
Assassin's Creed IV Black Flag version 1.0.7.0 (HKLM-x32\...\Assassin's Creed IV Black Flag_is1) (Version: 1.0.7.0 - Mr DJ)
ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.22 - ASUSTeK Computer Inc.)
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.2.8.2 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.2.8.2 - ASUSTek COMPUTER INC.)
Asus Sonic Suite Plugins (HKLM-x32\...\{53eaa65b-5cab-459c-9642-a408bdcf43a3}) (Version: 2.1.3301 - ASUSTeKcomputer.Inc) Hidden
ASUSRAMCACHE (HKLM-x32\...\ASUSRAMCACHE) (Version: 1.07.16 - FNet Co., Ltd.)
Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk Certificate Package (x64) - 7.1.4 (HKLM\...\{1C891560-9ECD-4234-8BBD-752AFE0682D7}) (Version: 7.1.4.0 - Autodesk)
Autodesk FBX Converter x64 2013.3 (HKLM-x32\...\Autodesk FBX Converter x64 2013.3) (Version: - Autodesk)
Autodesk Fusion 360 (HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.6263 - Autodesk, Inc.)
Autodesk Genuine Service (HKLM-x32\...\{EF86FB37-98AB-49C2-930B-77A5E04758FE}) (Version: 2.2.0 - Autodesk)
Autodesk License Service (x64) - 7.1.4 (HKLM\...\{F53D6D10-7A75-4A39-8C53-A3D855C7C50A}) (Version: 7.1.4.0 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2017 (HKLM-x32\...\{CB6E007E-701D-42CD-AF0E-4BE9C36C7F7C}) (Version: 15.11.3.0 - Autodesk)
Autodesk Maya 2019 (HKLM\...\{D4BE10F2-3E2D-4120-863A-765623D53264}) (Version: 19.0.7966.0 - Autodesk) Hidden
Autodesk Maya 2019 (HKLM\...\Autodesk Maya 2019) (Version: 19.0.7966.0 - Autodesk)
Autodesk Print Studio (HKLM\...\{8286FC2F-A7B4-4FEB-B587-801BEC9A694F}) (Version: 1.6.5.0 - Autodesk) Hidden
Autodesk Print Studio (HKLM\...\Autodesk Print Studio) (Version: 1.6.5.0 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.7.2388 - AVAST Software)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bifrost 1.5.7.0 for Maya 2019 (HKLM\...\{9D6E1762-6C2F-4138-9D08-787666861ED0}) (Version: 1.5.7.0 - Autodesk)
Bifrost 1.5.7.0 for Maya 2019 1.5.7.0 (HKLM\...\Bifrost 1.5.7.0 for Maya 2019) (Version: - )
BitLord 2.5 (HKLM-x32\...\BitLord) (Version: 2.4.5-316 - House of Life)
Blender (HKLM\...\{B1DF3793-1651-4AE5-9CA0-E845DD8B526B}) (Version: 2.79.0 - Blender Foundation)
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CAMotics (HKLM-x32\...\CAMotics) (Version: 1.2.0 - Cauldron Development LLC)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Cool Edit Pro 2.1 (HKLM-x32\...\Cool Edit Pro 2.1) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls 2 (HKLM-x32\...\Dark Souls 2_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
DCS World (HKLM\...\DCS World_is1) (Version: 2.5 - Eagle Dynamics)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.35 - NVIDIA Corporation) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 80.4.126 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FreeCAD 0.18.3 (HKLM\...\FreeCAD0183) (Version: 0.18.3 - FreeCAD Team)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
GIMP 2.10.8 (HKLM\...\GIMP-2_is1) (Version: 2.10.8 - The GIMP Team)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.15 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Grand Theft Auto V_is1) (Version: 1.0.350.1 - Rockstar)
Inkscape 0.92.4 (HKLM-x32\...\Inkscape) (Version: 0.92.4 - Inkscape Project)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1039 - Intel Corporation)
Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel)
Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{4FA94F64-1A00-4426-BF58-D08EB592CE1B}) (Version: 3.4.2095 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
KiCad 5.1.4_1 (HKLM-x32\...\KiCad) (Version: 5.1.4_1 - KiCad)
Kingdom Come Deliverance (HKLM-x32\...\Kingdom Come Deliverance_is1) (Version: - )
K-Lite Mega Codec Pack 14.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.5.5 - KLCP)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
Metal.Gear.Solid.V.The.Phantom.Pain-ALI213 verze 1.10 (HKLM-x32\...\{AB06B397-689B-4FD6-9EB9-22030005D845}}_is1) (Version: 1.10 - Ali213.net)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.11929.20254 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 69.0 (x64 cs) (HKLM\...\Mozilla Firefox 69.0 (x64 cs)) (Version: 69.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 69.0.0.7178 - Mozilla)
MtoA for Maya 2019 (HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\MtoA2019) (Version: 3.1.2 - Solid Angle)
NahimicSettingsConfigurator (HKLM\...\{B9CE5642-0F22-4A75-B32A-98972F21C0C9}) (Version: 2.1.3301 - ASUSTeKcomputer.Inc) Hidden
NiceHash Miner 2 0.3.1 (only current user) (HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\08059810-bc78-5c10-942c-2092eebb5ec8) (Version: 0.3.1 - H-BIT d.o.o.)
NVIDIA Ovladač HD audia 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 425.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 425.31 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11929.20254 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20254 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20254 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11929.20254 - Microsoft Corporation) Hidden
Opera Stable 63.0.3368.71 (HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\Opera 63.0.3368.71) (Version: 63.0.3368.71 - Opera Software)
Ovládací panel NVIDIA 425.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 425.31 - NVIDIA Corporation) Hidden
PhotoVCarve 1.1 (HKLM-x32\...\PhotoVCarve) (Version: 1.1 - Vectric Ltd)
Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 3.7.0.1280 - GOG.com)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.10.89 - Autodesk)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.18958 - Kakao Corp.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.6 - Power Software Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
ROG Game First III (HKLM-x32\...\{0C6E32E1-31D9-49F1-B67F-2941994002D5}) (Version: 1.00.31 - ASUSTeK Computer Inc.)
Sekiro Shadows Die Twice version final (HKLM-x32\...\Sekiro Shadows Die Twice_is1) (Version: final - The)
Skype verze 8.51 (HKLM-x32\...\Skype_is1) (Version: 8.51 - Skype Technologies S.A.)
SolidCAM2017 (HKLM-x32\...\{19F811C2-2A40-4274-A05D-87D309CD953A}) (Version: 17.00.0 - SolidCAM)
SOLIDWORKS 2017 Czech Resources (HKLM\...\{78844951-4F4F-4657-9BAF-28BE043B28D5}) (Version: 25.110.49 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2017 SP01 (HKLM\...\{BB965FD0-077F-4CA4-BFD1-39FFEFF15770}) (Version: 25.110.49 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2017 SP01 (HKLM-x32\...\SolidWorks Installation Manager 20170-40100-1100-100) (Version: 25.1.0.49 - SolidWorks Corporation)
SOLIDWORKS Composer Player 2017 SP01 (HKLM\...\{2F5D372A-EE3F-4201-8899-AA717AB91110}) (Version: 25.10.49 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2017 SP01 (HKLM\...\{26F45A5C-4EA2-4608-BB29-2F66FC8C85B5}) (Version: 17.1.0083 - Společnost Dassault Systemes SolidWorks Corp) Hidden
SolidWorks Explorer 2014 SP01 x64 Edition (HKLM\...\{0C10FAF1-35D5-416A-B7C1-4168ED9485FA}) (Version: 22.10.44 - SolidWorks Corporation) Hidden
SOLIDWORKS Explorer 2017 SP01 (HKLM\...\{41487B2B-99A9-4E1B-90A3-433F6C228C72}) (Version: 25.10.49 - Společnost Dassault Systemes SolidWorks Corp) Hidden
SolidWorks Plastics 2014 SP01 x64 Edition (HKLM\...\{104E8BAF-2E2A-4467-A5C0-92ED92F26547}) (Version: 22.10.44 - SolidWorks Corporation) Hidden
SOLIDWORKS Simulation Worker Agent 2017 SP01 (HKLM\...\{10E5D94E-A434-4157-BFE2-A3C7B7C7F49F}) (Version: 25.10.49 - Název společnosti:) Hidden
Sonic Studio Plugin (HKLM\...\{E6A187B7-0949-4AAE-BF6B-579FD3F6E55D}) (Version: 2.1.3301 - ASUSTeKcomputer.Inc) Hidden
SpaceEngine verze 0.9.8.0 (HKLM-x32\...\{6E7A40FA-86CE-4844-A7DC-F8769F21A62F}_is1) (Version: 0.9.8.0 - SpaceEngine)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellarium 0.18.1 (HKLM\...\Stellarium_is1) (Version: 0.18.1 - Stellarium team)
Substance in Maya 1.4.0-2019 (HKLM-x32\...\{6D88D6DA-B70D-46BE-9393-BC4F7F0D1D60}_is1) (Version: 1.4.0 - Allegorithmic, Inc.)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{7C070E60-8769-4763-BBD8-7537A28A60D4}) (Version: 1.10.0.0 - Microsoft Corporation) Hidden
VMware Workstation (HKLM\...\{E374BA09-9CD0-4F58-90EE-F8C1488BC81E}) (Version: 14.0.0 - VMware, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment)
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)
Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.147.500.0_x86__kgqvnymyfvs32 [2019-09-09] (king.com)
Good Plan -> C:\Program Files\WindowsApps\51248Raximus.Dobryplan_2.0.12.0_x64__j74bw2d00ynqy [2018-05-02] (Raximus) [MS Ad]
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-13] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Microsoft Phone Companion -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-13] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-08-28] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Power Planner -> C:\Program Files\WindowsApps\61442BareBonesDev.PowerPlanner_1909.12.2.0_x64__5ga7fac6nanaa [2019-09-15] (BareBones Dev)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{0997411D-6B5A-4656-962D-49B2F51DAA3D}\InprocServer32 -> E:\Xara web designer\Filters\ENG\TIFFImport.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-0363C7187C99} -> [Creative Cloud Files] => C:\Users\Jirka\Creative Cloud Files [2018-08-27 14:07]
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{171740BB-DE5D-4A3B-A5DD-43D171192819}\InprocServer32 -> E:\Xara web designer\Filters\ENG\RTFfilter.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{34F47C85-7AD2-4584-8C2C-8E3C90CD7DEE}\InprocServer32 -> E:\Xara web designer\Filters\ENG\PSDFilter.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{3E2079FE-4DB5-4914-B9A0-FBBDA87890C0}\InprocServer32 -> E:\Xara web designer\Filters\ENG\ODPImport.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{4954639E-4AD5-4232-9FC6-753ED3E19DE1}\InprocServer32 -> E:\Xara web designer\Filters\ENG\PPImport.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{96379E3B-23DA-4F75-A23A-DBCF805CC406}\InprocServer32 -> E:\Xara web designer\Filters\ENG\DocImport\DocImport.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{C2A30267-3451-441F-93AD-8C8399CB426B}\InprocServer32 -> E:\Xara web designer\Filters\ENG\HTMLfilter.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\Jirka\AppData\Local\Autodesk\webdeploy\production\e113e9d43debbfa9688c2f48660c996392f06b10\NPreview10.dll (Autodesk, Inc. -> )
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{CB58FF31-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> "E:\Xara web designer\WebDesigner.exe" => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{CB58FF32-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> "E:\Xara web designer\WebDesigner.exe" => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{CCC4FDE7-EE88-454F-9B6E-60FD6B562289}\InprocServer32 -> E:\Xara web designer\Filters\ENG\RAWImport\RAWImport.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Jirka\Dropbox [2017-04-10 15:29]
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{E44A4F31-0C8B-42C2-A2A4-E743A0395B5F}\InprocServer32 -> E:\Xara web designer\Filters\ENG\PDFImport\PDFImport.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{E99245A1-DE06-4770-8208-B0494C933C65}\InprocServer32 -> E:\Xara web designer\Filters\ENG\SVGFilter.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{EDC4A498-53B4-496C-A750-3AABCD48A6A3}\InprocServer32 -> E:\Xara web designer\Filters\ENG\EMFFilter.dll => No File
SSODL: EldosMountNotificator-cbfs6 - {7C9078E6-5F54-498B-BA3B-7E489D223B01} - C:\WINDOWS\system32\cbfsMntNtf6.dll (EldoS Corporation -> /n software, Inc.)
SSODL-x32: EldosMountNotificator-cbfs6 - {7C9078E6-5F54-498B-BA3B-7E489D223B01} - C:\WINDOWS\SysWOW64\cbfsMntNtf6.dll (EldoS Corporation -> /n software, Inc.)
ShellServiceObjects: Virtual Storage Mount Notification -> {7C9078E6-5F54-498B-BA3B-7E489D223B01} => C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-08-03] (EldoS Corporation -> /n software, Inc.)
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {7C9078E6-5F54-498B-BA3B-7E489D223B01} => C:\WINDOWS\SysWOW64\cbfsMntNtf6.dll [2016-08-03] (EldoS Corporation -> /n software, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs6] -> {526547C9-1954-4459-9F6C-4BA57AB5CE9B} => C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-08-03] (EldoS Corporation -> /n software, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs6] -> {526547C9-1954-4459-9F6C-4BA57AB5CE9B} => C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-08-03] (EldoS Corporation -> /n software, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2013-04-15] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => E:\VMware Workstation\vmdkShellExt.dll [2017-09-18] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => E:\VMware Workstation\x64\vmdkShellExt64.dll [2017-09-18] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2013-04-15] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\igfxDTCM.dll [2018-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2013-04-15] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnet Eхрlоrеr.lnk -> C:\Users\Jirka\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <==== Cyrillic
Shortcut: C:\Users\Jirka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Мozillа Firefoх.lnk -> C:\Users\Jirka\AppData\Roaming\Browsers\exe.xoferif.bat (No File) <==== Cyrillic
==================== Loaded Modules (Whitelisted) ==============
2017-02-06 22:10 - 2015-02-09 18:53 - 000872960 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AI Charger+\AIChargerPlus.dll
2017-02-06 22:10 - 2015-09-17 11:58 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2017-02-06 22:11 - 2016-03-07 22:42 - 000082432 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\IccHelper.dll
2017-02-06 22:11 - 2016-03-07 22:42 - 000743424 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\EPU.dll
2017-02-06 22:11 - 2016-03-07 22:42 - 000091648 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll
2017-02-06 22:11 - 2015-05-21 23:57 - 001141248 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2017-02-06 22:11 - 2015-09-10 17:06 - 000237568 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2017-02-06 22:11 - 2014-02-24 18:49 - 000208896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2017-02-06 22:11 - 2015-06-26 14:50 - 000906240 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\LED Control\LEDControl.dll
2017-02-06 22:10 - 2015-09-17 11:58 - 000091648 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll
2017-02-06 22:11 - 2015-07-13 12:16 - 001341440 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Mobo Connect\MoboConnect.dll
2017-02-06 22:12 - 2013-11-20 11:10 - 000662016 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\aaHMLib.dll
2017-02-06 22:12 - 2013-07-02 11:40 - 000253952 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\pngio.dll
2017-02-06 22:09 - 2015-05-08 08:26 - 000104448 ____R () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2017-02-08 21:37 - 2016-08-02 15:05 - 000061440 _____ () [File not signed] C:\Program Files (x86)\ASUS\VGA COM\1.00.32\Exeio.dll
2017-02-08 21:37 - 2016-08-02 14:51 - 001752576 _____ () [File not signed] C:\Program Files (x86)\ASUS\VGA COM\1.00.32\Vender.dll
2016-06-01 08:49 - 2016-06-01 08:49 - 000232960 _____ () [File not signed] E:\print studio\Autodesk Print Studio\PM\spark-print-mgr\node_modules\mdns\build\Release\dns_sd_bindings.node
2016-06-01 08:49 - 2016-06-01 08:49 - 000171520 _____ () [File not signed] E:\print studio\Autodesk Print Studio\PM\spark-print-mgr\node_modules\serialport\build\serialport\v1.6.1\Release\node-v11-win32-x64\serialport.node
2016-06-01 08:51 - 2016-06-01 08:51 - 000295936 _____ () [File not signed] E:\print studio\Autodesk Print Studio\PM\spark-print-mgr\node_modules\usb\node_modules\usb-shyp-win32-x64\node-v11\usb_bindings.node
2016-06-01 08:49 - 2016-06-01 08:49 - 000144384 _____ () [File not signed] E:\print studio\Autodesk Print Studio\PM\spark-print-mgr\node_modules\usb-detection\build\Release\detection.node
2018-04-01 19:39 - 2018-04-01 19:39 - 000107520 _____ () [File not signed] E:\SolidWorks 2017\SOLIDWORKS\NETAPI32.dll
2017-02-06 22:10 - 2015-09-17 11:58 - 002109952 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\log4cxx.dll
2017-02-06 22:09 - 2015-05-08 08:26 - 000108544 ____R (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.22\ASACPI.DLL
2017-02-06 22:10 - 2015-09-17 11:58 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\ASACPI.DLL
2017-02-06 22:10 - 2015-09-17 11:58 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\asacpi.dll
2017-02-06 22:11 - 2016-03-07 22:42 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpi.dll
2017-02-08 21:38 - 2016-03-07 22:42 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.17\AsAcpi.dll
2017-02-06 22:09 - 2019-09-17 20:11 - 000037160 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2017-02-06 22:09 - 2015-05-08 08:26 - 000677376 ____R (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.22\asacpiEx.dll
2017-02-06 22:10 - 2015-09-17 11:58 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\asacpiEx.dll
2017-02-06 22:10 - 2015-09-17 11:58 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsMultiLang.dll
2017-02-06 22:10 - 2015-09-17 11:58 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\asacpiEx.dll
2017-02-06 22:11 - 2016-03-07 22:42 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\asacpiex.dll
2017-02-06 22:11 - 2016-03-07 22:42 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\AsMultiLang.dll
2017-02-06 22:11 - 2016-03-07 22:42 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpiex.dll
2017-02-06 22:11 - 2015-07-13 12:16 - 000114688 _____ (ASUSTek Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Mobo Connect\AndroidOpenAccessory.dll
2017-02-06 22:12 - 2013-11-20 11:10 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\AsMultiLang.dll
2017-02-06 22:12 - 2014-07-25 16:46 - 001328128 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotice.dll
2017-02-06 22:12 - 2015-06-19 00:46 - 001087488 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\System Information\SystemInfo.dll
2017-02-06 22:12 - 2010-03-08 18:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\AsMultiLang.dll
2017-02-06 22:12 - 2015-03-12 15:48 - 000901120 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\Express.dll
2017-02-08 21:38 - 2016-03-07 22:42 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.17\asacpiEx.dll
2018-01-18 23:55 - 2012-03-14 06:00 - 000385024 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLMAQ.DLL
2017-02-06 22:10 - 2015-09-17 11:58 - 001864192 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\platforms\qwindowsd.dll
2017-02-06 22:10 - 2015-09-17 11:58 - 008492544 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Cored.dll
2017-02-06 22:10 - 2015-09-17 11:58 - 009202688 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Guid.dll
2017-02-06 22:10 - 2015-09-17 11:58 - 008172032 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Widgetsd.dll
2017-02-06 22:10 - 2015-09-17 11:58 - 000316928 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Xmld.dll
2018-04-30 03:42 - 2020-02-03 10:02 - 001098240 _____ (SafeNet Inc.) [File not signed] C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\haspvlib_42011.dll
2017-02-06 22:10 - 2015-09-17 11:58 - 021529088 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\icudt53.dll
2017-02-06 22:10 - 2015-09-17 11:58 - 001982976 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\icuin53.dll
2017-02-06 22:10 - 2015-09-17 11:58 - 001355264 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\icuuc53.dll
2018-04-06 20:29 - 2018-04-06 20:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll
2018-04-06 20:29 - 2018-04-06 20:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\ssleay32.dll
2017-02-08 21:37 - 2016-11-04 10:53 - 000204288 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\VGA COM\1.00.32\AsusGpuTweak.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Jirka\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Jirka\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Public\AppData:CSM [474]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 15:46 - 2019-01-04 15:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Common Files\Autodesk Shared\
HKCU\Environment\\Path -> C:\Users\Jirka\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jirka\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\69265425_3523415687684026_7490753148424814592_o.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\StartupFolder: => "SolidWorks Nástroj pro stahování na pozadí.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "ASUS Media Streamer DMS"
HKLM\...\StartupApproved\Run32: => "ASUS Media Streamer WSAgent"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "ASUSRAMCACHE"
HKLM\...\StartupApproved\Run32: => "ASUS Media Streamer ShareEdit"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\StartupApproved\Run: => "Windows Defender"
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\StartupApproved\Run: => "SpyEmergency"
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\StartupApproved\Run: => "MinerGateGui"
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\StartupApproved\Run: => "Hansoft Client"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{CC05484C-B396-47C7-9C23-64F73A9A6966}] => (Allow) C:\WINDOWS\system32\hasplms.exe (SafeNet, Inc. -> SafeNet Inc.)
FirewallRules: [UDP Query User{14994BD9-F8D9-4A9D-8C27-84E36027D5E6}C:\program files (x86)\remote control server\remote control server.exe] => (Allow) C:\program files (x86)\remote control server\remote control server.exe No File
FirewallRules: [TCP Query User{CFD632A0-818A-4B6E-A1B4-6A187677CF5B}C:\program files (x86)\remote control server\remote control server.exe] => (Allow) C:\program files (x86)\remote control server\remote control server.exe No File
FirewallRules: [{A18333F9-4B8E-4802-BF8F-E58FC52F3D28}] => (Allow) C:\Program Files (x86)\ASUS\ROG Game First III\gameFirst3.exe (ASUSTeK Computer Inc. -> )
FirewallRules: [{8D74237C-FF0D-4A23-B338-727FE45A9A5F}] => (Allow) C:\Program Files (x86)\ASUS\ROG Game First III\gameFirst3.exe (ASUSTeK Computer Inc. -> )
FirewallRules: [{430B8244-2D92-4181-8B4C-577B19423992}] => (Allow) C:\Windows\SysWOW64\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{75254D3A-C9D1-4900-B1D5-9EFD24D2C762}] => (Allow) C:\Windows\SysWOW64\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7923C41C-6C42-4C5F-9530-A2D1802E96F5}] => (Allow) C:\Windows\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E32AD49B-A34F-4ACE-BF7F-8D47799FFADB}] => (Allow) C:\Windows\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{91C673FF-CB71-4DE6-BBAB-F7F45589FB66}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{4E1B814D-836D-48C7-B5C1-1E84C434758B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{38F0A8CD-1175-4984-9FFB-CF4DAC8EF62B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{AD4EA3B5-89FA-421E-BF9D-4A62B4EAB144}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{65A14321-DC82-43B3-8BF4-6E790A0AC32A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe No File
FirewallRules: [TCP Query User{257A905D-F96E-4E8A-88F7-1B3045D85645}C:\users\jirka\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jirka\appdata\local\akamai\netsession_win.exe No File
FirewallRules: [UDP Query User{5B0FA166-9C5C-4F16-A54D-5F5245AB2AD0}C:\users\jirka\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jirka\appdata\local\akamai\netsession_win.exe No File
FirewallRules: [TCP Query User{FE93DE3E-56CB-4B9C-8874-54B9FB57636A}C:\users\jirka\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\jirka\appdata\local\akamai\netsession_win.exe No File
FirewallRules: [UDP Query User{CAE56EA4-44F1-4AA4-9184-93935CA004C7}C:\users\jirka\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\jirka\appdata\local\akamai\netsession_win.exe No File
FirewallRules: [{1011121D-5E85-41CB-A3FC-DB356CAE8A80}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{13082B9A-2971-4971-B427-9786CC8F0767}C:\program files\autodesk\motionbuilder 2016\bin\x64\motionbuilder.exe] => (Allow) C:\program files\autodesk\motionbuilder 2016\bin\x64\motionbuilder.exe No File
FirewallRules: [UDP Query User{61850BF3-7FD6-42F7-8327-DD7A1AEF7C7F}C:\program files\autodesk\motionbuilder 2016\bin\x64\motionbuilder.exe] => (Allow) C:\program files\autodesk\motionbuilder 2016\bin\x64\motionbuilder.exe No File
FirewallRules: [{3E7957DB-4671-4C84-BC5B-26A03BBE6E76}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BB555538-FAB9-415B-BD49-9A2E5DB59525}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{71B94EA1-F7CE-432C-B86E-44A3DB39A97F}C:\program files (x86)\remote control server\remote control server.exe] => (Allow) C:\program files (x86)\remote control server\remote control server.exe No File
FirewallRules: [UDP Query User{242C97C2-B7C3-4124-8161-47E79115B454}C:\program files (x86)\remote control server\remote control server.exe] => (Allow) C:\program files (x86)\remote control server\remote control server.exe No File
FirewallRules: [{10DF7F78-9AF7-47B6-9D12-1D3D1B21DC75}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{17659BC9-DA1E-465D-A9BD-C63EC18A3A89}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E5CD985D-6566-43BF-8EDE-ACA89DEAA082}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{42D7110D-B6DA-4747-B27E-C788C81C2D5F}C:\program files\autodesk\motionbuilder 2015\bin\x64\motionbuilder.exe] => (Allow) C:\program files\autodesk\motionbuilder 2015\bin\x64\motionbuilder.exe No File
FirewallRules: [UDP Query User{766896E4-AD49-45E2-B220-EE362A811F5A}C:\program files\autodesk\motionbuilder 2015\bin\x64\motionbuilder.exe] => (Allow) C:\program files\autodesk\motionbuilder 2015\bin\x64\motionbuilder.exe No File
FirewallRules: [TCP Query User{AFA6648B-58F9-41B7-ACDD-94C039968840}C:\program files\autodesk\motionbuilder 2017\bin\x64\motionbuilder.exe] => (Allow) C:\program files\autodesk\motionbuilder 2017\bin\x64\motionbuilder.exe No File
FirewallRules: [UDP Query User{9F433FA4-B5C5-4461-A46F-5BA86BA3D72F}C:\program files\autodesk\motionbuilder 2017\bin\x64\motionbuilder.exe] => (Allow) C:\program files\autodesk\motionbuilder 2017\bin\x64\motionbuilder.exe No File
FirewallRules: [TCP Query User{5C1358D7-DDC4-4264-989E-4086AF636224}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [UDP Query User{2A41B037-6D1A-40CD-90A6-76732370A683}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [TCP Query User{19E7676D-5836-4841-A70F-889809ECCE97}E:\maya\maya2017\bin\maya.exe] => (Allow) E:\maya\maya2017\bin\maya.exe No File
FirewallRules: [UDP Query User{232F024F-4E91-4DEE-ABCF-C0477687B95D}E:\maya\maya2017\bin\maya.exe] => (Allow) E:\maya\maya2017\bin\maya.exe No File
FirewallRules: [TCP Query User{CD8DBDBD-151A-4725-B09C-64F14AC28D1F}D:\total.war.shogun.2.complete-kaos\shogun2.exe] => (Allow) D:\total.war.shogun.2.complete-kaos\shogun2.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd) [File not signed]
FirewallRules: [UDP Query User{7BB2320D-0AD7-4FA9-BFFB-E59478C830AC}D:\total.war.shogun.2.complete-kaos\shogun2.exe] => (Allow) D:\total.war.shogun.2.complete-kaos\shogun2.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd) [File not signed]
FirewallRules: [TCP Query User{4B60FB03-9942-412D-B643-F6E95BEDF3E1}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe No File
FirewallRules: [UDP Query User{25D1AF24-3252-4A56-8FE1-D096390DC308}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe No File
FirewallRules: [TCP Query User{36993257-B96F-4E64-A258-A50CB4E1BF56}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe No File
FirewallRules: [UDP Query User{77893253-C181-4A31-A23F-17963852DA62}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe No File
FirewallRules: [TCP Query User{F84BE87F-BBE2-4ECD-A015-26E82BCC5799}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{E9A3ADED-CD9D-4D84-90CC-58324B94EF65}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [{4DE3B5B3-4EF3-4D3E-BE82-40D1272706A8}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{39CB39A2-6E54-463F-A951-3C6BA529919A}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{CDE9C52F-72E7-4B9E-94D0-FF9FED71558F}C:\program files\autodesk\motionbuilder 2017\bin\x64\motionbuilder.exe] => (Allow) C:\program files\autodesk\motionbuilder 2017\bin\x64\motionbuilder.exe No File
FirewallRules: [UDP Query User{34720ECA-2895-4F48-B8EA-A6B25F8BD35B}C:\program files\autodesk\motionbuilder 2017\bin\x64\motionbuilder.exe] => (Allow) C:\program files\autodesk\motionbuilder 2017\bin\x64\motionbuilder.exe No File
FirewallRules: [{579648C9-13D7-436E-A73A-302938092FC2}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{32CDEF4C-FA5F-432C-9212-53ADF7C9E05F}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{7C41AEC9-1E5E-4A53-9F28-C30AFFE7B34E}E:\monacoin\monacoin-qt.exe] => (Allow) E:\monacoin\monacoin-qt.exe No File
FirewallRules: [UDP Query User{9ABDC56A-C2F1-43CF-9E7E-9FAD84A1BE52}E:\monacoin\monacoin-qt.exe] => (Allow) E:\monacoin\monacoin-qt.exe No File
FirewallRules: [TCP Query User{906ACE46-BE6E-4973-876B-40C515C85F8C}F:\trezarcoin\trezarcoin-qt.exe] => (Allow) F:\trezarcoin\trezarcoin-qt.exe No File
FirewallRules: [UDP Query User{87F642A6-C769-4223-9B43-1DA4CF06CBA1}F:\trezarcoin\trezarcoin-qt.exe] => (Allow) F:\trezarcoin\trezarcoin-qt.exe No File
FirewallRules: [{D9D06082-EE9A-4569-A034-B7916CA95799}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{5F3993A9-2ADC-4D92-8E7A-3B24C4190FA5}D:\prey\binaries\danielle\x64\release\prey.exe] => (Allow) D:\prey\binaries\danielle\x64\release\prey.exe No File
FirewallRules: [UDP Query User{CD3F961A-01F0-46DE-A893-8FD1AE24B525}D:\prey\binaries\danielle\x64\release\prey.exe] => (Allow) D:\prey\binaries\danielle\x64\release\prey.exe No File
FirewallRules: [TCP Query User{762F5CD2-7DFE-4061-9C44-CC6AF64EAAD9}E:\nicehash advanced\bin\xmr-stak\xmr-stak.exe] => (Allow) E:\nicehash advanced\bin\xmr-stak\xmr-stak.exe () [File not signed]
FirewallRules: [UDP Query User{09939E35-72C2-4D06-8599-EBC1BCE1808C}E:\nicehash advanced\bin\xmr-stak\xmr-stak.exe] => (Allow) E:\nicehash advanced\bin\xmr-stak\xmr-stak.exe () [File not signed]
FirewallRules: [TCP Query User{EE171DEB-9E84-447E-9F7F-19BB1F61CD7C}E:\nicehash advanced\bin\xmrig\xmrig.exe] => (Allow) E:\nicehash advanced\bin\xmrig\xmrig.exe (www.xmrig.com) [File not signed]
FirewallRules: [UDP Query User{A100E497-C0FF-4A3A-8F18-C7C38E6B2464}E:\nicehash advanced\bin\xmrig\xmrig.exe] => (Allow) E:\nicehash advanced\bin\xmrig\xmrig.exe (www.xmrig.com) [File not signed]
FirewallRules: [TCP Query User{CAD4626E-27AC-4A5E-B68E-BB20350FFD54}C:\users\jirka\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\jirka\appdata\local\gamecenter\gamecenter.exe No File
FirewallRules: [UDP Query User{E2E5B9C1-25BB-49F6-BDC1-3C7EBD66D702}C:\users\jirka\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\jirka\appdata\local\gamecenter\gamecenter.exe No File
FirewallRules: [TCP Query User{B5BEB195-FFF4-46CA-92B5-D3BDD231AEFB}D:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) D:\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{6D70B8FF-9FD4-400B-B36C-8B6E0C814C3F}D:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) D:\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [TCP Query User{54C00440-7098-40C5-A23F-C0A8CD318501}D:\armored warfare\armored warfare mycom\bin64\armoredwarfare.exe] => (Allow) D:\armored warfare\armored warfare mycom\bin64\armoredwarfare.exe No File
FirewallRules: [UDP Query User{D4730EB1-CC1B-42DF-B907-9A0A31E825F9}D:\armored warfare\armored warfare mycom\bin64\armoredwarfare.exe] => (Allow) D:\armored warfare\armored warfare mycom\bin64\armoredwarfare.exe No File
FirewallRules: [TCP Query User{16F60D61-DF50-4855-A61F-7A1D0EA1C567}D:\prey\binaries\danielle\x64\release\prey.exe] => (Allow) D:\prey\binaries\danielle\x64\release\prey.exe No File
FirewallRules: [UDP Query User{D9B71138-31D9-4EAC-A707-740C3C9F759C}D:\prey\binaries\danielle\x64\release\prey.exe] => (Allow) D:\prey\binaries\danielle\x64\release\prey.exe No File
FirewallRules: [TCP Query User{53736F6C-376F-42BF-85BF-0BA8B1495E1C}D:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) D:\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{8A1CC0BC-546A-459B-9924-29722C82D9AF}D:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) D:\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [TCP Query User{01544853-43DB-45C1-94FE-38B0D3910725}D:\grand theft auto v\gta5.exe] => (Block) D:\grand theft auto v\gta5.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{05068FCE-5803-4729-9853-2B24B87ACC9F}D:\grand theft auto v\gta5.exe] => (Block) D:\grand theft auto v\gta5.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{168DC2D3-92DE-4FF2-8BE0-9915ACC8E926}E:\motionbuilder 2018\bin\x64\motionbuilder.exe] => (Allow) E:\motionbuilder 2018\bin\x64\motionbuilder.exe No File
FirewallRules: [UDP Query User{F0982ABA-805C-4F05-84CA-948CDF6E26F2}E:\motionbuilder 2018\bin\x64\motionbuilder.exe] => (Allow) E:\motionbuilder 2018\bin\x64\motionbuilder.exe No File
FirewallRules: [TCP Query User{9A4A41AF-AD86-4CB7-BE68-4C084B363BE4}E:\solidworks 2017\solidworks\photoview\photoview360.exe] => (Allow) E:\solidworks 2017\solidworks\photoview\photoview360.exe (The Foundry Visionmongers Ltd. -> )
FirewallRules: [UDP Query User{1FB98924-2F48-486E-A64C-5B42D2DBDE53}E:\solidworks 2017\solidworks\photoview\photoview360.exe] => (Allow) E:\solidworks 2017\solidworks\photoview\photoview360.exe (The Foundry Visionmongers Ltd. -> )
FirewallRules: [{A6F94A26-C517-439D-AB0F-06C04B8A80AE}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{768FC3C9-672B-4323-BB95-556833D244CB}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{751C527F-9CF5-4BD6-B9CE-A69EC3EEEB8A}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{157ECEB0-2014-4FC7-A549-FF2930F7F498}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E3120685-DBD4-4D2C-9A02-D725AE57B054}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{A7F709D4-4477-4E4C-977D-5F3FDFC2C554}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [TCP Query User{80E28F4C-4981-434C-B77E-E02DCF16823B}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{EF872711-A2EC-4D43-90C6-DCB2680057F2}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [{F0188AF8-647B-4F9B-B2F7-C057867D6A1E}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B67BDA96-DF12-48B0-BFE1-173C3307444B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A46ACAED-D94F-4ADF-965D-FF032D39624F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{61F28BCD-80B3-4EF3-8D8B-9520FC563C14}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{4A6010CF-C72A-4020-BDD8-96FB410CE8A6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{3A79EB7D-7420-41C1-A247-F8503D7EFCA5}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C2A3B3F6-7D81-4FA8-BCE9-6D783A351543}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{322D21D4-A287-4003-AD54-23ECAF45B0BF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{3C0CC0D4-693D-469B-B796-D5E03F1259EE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{377A2ED9-7C84-43CE-BF67-2E89D0DBFE0E}D:\alien isolation\ai.exe] => (Allow) D:\alien isolation\ai.exe No File
FirewallRules: [UDP Query User{47E0F721-9D4D-458F-80EC-E10B072FC568}D:\alien isolation\ai.exe] => (Allow) D:\alien isolation\ai.exe No File
FirewallRules: [{A1BDDB48-4073-4CAE-AB30-1C7FFD929C2F}] => (Allow) E:\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{067737A7-349E-4DFE-A390-A307262538B6}] => (Allow) E:\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{7DBCE48F-BE3B-41DD-8F45-4C0CB0E37B0B}] => (Allow) E:\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{966596D1-DF63-4B32-8395-24200B4BFC05}] => (Allow) E:\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{AB060674-16EC-4078-A6E8-889F2C425437}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{44D441A7-0E3C-4114-A276-FAD9D5B9ACD6}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{3F1314FB-3C4E-47C1-B5E9-0B1374BA3303}C:\users\jirka\appdata\local\temp\rar$exa0.571\electroneumd.exe] => (Allow) C:\users\jirka\appdata\local\temp\rar$exa0.571\electroneumd.exe No File
FirewallRules: [UDP Query User{6333312D-BA52-4E0E-9E31-2B7B7B64C734}C:\users\jirka\appdata\local\temp\rar$exa0.571\electroneumd.exe] => (Allow) C:\users\jirka\appdata\local\temp\rar$exa0.571\electroneumd.exe No File
FirewallRules: [{72210114-F1C5-4504-98ED-BD82098B1801}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{42645B12-49D1-4759-96B3-DF794298126E}] => (Allow) D:\Assassin's Creed IV Black Flag\AC4BFSP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{AEB781CB-268F-4E94-BB1A-85AB9A21EBBF}] => (Allow) D:\Assassin's Creed IV Black Flag\AC4BFSP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{EACCB359-875D-4B8F-8ABA-C57B5FD02CC9}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{18D1A561-79C5-4E0D-A0C6-F96652561F8B}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{F79C4105-4F0E-4797-B882-554BBC3231CD}D:\starcraft ii\versions\base69232\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base69232\sc2_x64.exe No File
FirewallRules: [UDP Query User{5B782376-8457-4403-83C0-5A34C8308A6E}D:\starcraft ii\versions\base69232\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base69232\sc2_x64.exe No File
FirewallRules: [{7786E320-54EB-406D-9409-6D860C38179E}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{BBBA785F-4112-41E5-BAC9-6CFAE7752E8D}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E9BAF57E-6295-4795-AE7F-54840CED39A9}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{BA43BA5E-3FAB-40E2-AA6D-F73A009C3262}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{4694A910-56CB-41F2-BFC0-E5791B8CFE33}D:\star citizen\starcitizen\live\bin64\starcitizen.exe] => (Allow) D:\star citizen\starcitizen\live\bin64\starcitizen.exe No File
FirewallRules: [UDP Query User{1DBBF016-81FD-4BD9-862B-72E0792A32FB}D:\star citizen\starcitizen\live\bin64\starcitizen.exe] => (Allow) D:\star citizen\starcitizen\live\bin64\starcitizen.exe No File
FirewallRules: [{13A80E5C-1E74-48CC-B7E5-1EAA546A264E}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{730CCC1C-0318-4FBF-B9E1-FC71A8AE4B2F}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F5BBF239-E35E-4EA3-9034-43423C6C326F}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{D8170029-56A3-45C7-9B7A-0FE7762023F4}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{17885E0E-E642-461F-B4C5-C80AE03F3393}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{AD032AA1-D0A4-4E8D-8567-94C001702D31}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{81280EB7-0F8C-43AE-B706-60B9E9F1E839}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{85A7DE0A-71C5-43D7-8D6D-A7DC19612732}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B6369CE8-6AFA-4E87-B70D-62FA361B7083}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{FA0B90F1-35EA-429B-B0C9-5BD6B957A8CA}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{9826C011-4CC4-48EA-86A9-6E5770D8FD17}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{1D2A6EB7-A491-4C90-91D5-C98BB42833C7}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{0DEDDBEE-E9AA-4A2F-ADA7-A79444EC8DDD}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3FB93DF1-69B3-4E0A-A58C-FD84B32FE986}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8717E4C3-4A87-45F5-BA2D-CE5B8B783885}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{613BEE60-C7A4-43B6-A0DB-1D1949D61B4D}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{57D004D6-EAC2-4126-981C-381947048420}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{06E7A2D8-FC5F-4D93-BFCE-432412FEC5E0}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{EF2A1DC7-081E-49DD-BAC5-191BB9520B87}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{CA6E2771-B19D-40D6-A3E9-29E861B61128}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{27581E84-30CB-4000-AE99-34AD611ACFA9}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{04FA1E0A-A302-453A-BEE6-8D5208B32A54}C:\program files (x86)\solarwinds\free tools\tftp-server.exe] => (Allow) C:\program files (x86)\solarwinds\free tools\tftp-server.exe No File
FirewallRules: [UDP Query User{E74ED963-33E7-4D04-B529-471ECCD65852}C:\program files (x86)\solarwinds\free tools\tftp-server.exe] => (Allow) C:\program files (x86)\solarwinds\free tools\tftp-server.exe No File
FirewallRules: [TCP Query User{BE2E03E0-1A2B-4F7D-9E9C-128C0A34C9BC}C:\program files (x86)\cesarftp\server.exe] => (Block) C:\program files (x86)\cesarftp\server.exe No File
FirewallRules: [UDP Query User{D29CE9DC-5F5C-4D31-AE6D-F1FF81195E9F}C:\program files (x86)\cesarftp\server.exe] => (Block) C:\program files (x86)\cesarftp\server.exe No File
FirewallRules: [{9D8C9EA1-816E-4DCC-A042-686493D0455C}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{16795300-3D8B-489B-964C-305351601F91}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1AB5677D-C676-46CD-B75A-F8176D7FCEC1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{81B785CC-6547-49D9-BD56-EB3BCC64706E}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{178980A5-03CE-4E3C-9A94-4BE8C109EE5B}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{CFD3AFCB-5135-4213-81D5-628FA1FA3F0D}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{ACAAF10C-DBE4-4D55-A4E1-D7ACEB5AFDED}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{B01E88D5-1D32-47F9-937C-DECB6FC53041}D:\dcs\dcs world\bin\dcs_updater.exe] => (Allow) D:\dcs\dcs world\bin\dcs_updater.exe (The Fighter Collection -> Eagle Dynamics)
FirewallRules: [UDP Query User{73956CA4-E264-4DC3-9849-8077E3CD26D1}D:\dcs\dcs world\bin\dcs_updater.exe] => (Allow) D:\dcs\dcs world\bin\dcs_updater.exe (The Fighter Collection -> Eagle Dynamics)
FirewallRules: [{628C8E1D-D000-44AA-BABE-B21B91CE1360}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{AF961055-423B-489E-9948-80C46A4488BF}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C97CF50F-9765-446A-AC09-A3AD6D25A6A0}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F6229EE2-FE56-4086-9F2C-5AF1FC10E3B5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{718DDD9E-79C2-47EB-B921-641D6F075C68}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0C6E96EF-08C4-409E-B47C-74DC73EB4C51}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{F4D9D9D8-1644-43EA-847B-96533112071C}D:\starcraft ii\versions\base75800\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base75800\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{AA55040C-4A37-44BE-8349-68D0A0BFE342}D:\starcraft ii\versions\base75800\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base75800\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{61A3E9F1-9357-4664-A7F6-11270E371EF9}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [TCP Query User{3945D1A2-BA49-4BA1-A718-670D51FA689C}D:\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) D:\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{0B56D395-98A3-4EAC-9AB0-596190B3C9DF}D:\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) D:\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{C503B5A0-A9DD-41A2-AE0F-F6FF56E9E62E}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{283DAD63-1432-4AB9-9706-334DDBC3C4A8}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{72CD4523-1B1E-46DD-B1D8-67607D08204A}] => (Allow) C:\WINDOWS\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{3BEF19E3-80A5-4C7E-AC7A-CD8DAEC0EE34}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{8C7A9804-1422-41D5-A5A1-6C63096D7134}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{74025E28-A73F-4969-8F95-1D148FAD504C}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{2898E0B4-6D53-4C24-A1C3-E1459D8EAD6D}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:97.19 GB) (Free:14.98 GB) (15%)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/18/2019 07:41:57 AM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: Službě Windows Search se nepodařilo vytvořit nový vyhledávací index. Došlo k vnitřní chybě <8, 0x8007000f, Nepodařilo se najít aplikaci pro získávání dat: Windows>.
Error: (09/18/2019 07:41:48 AM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: Službě Windows Search se nepodařilo vytvořit nový vyhledávací index. Došlo k vnitřní chybě <8, 0x8007000f, Nepodařilo se najít aplikaci pro získávání dat: Windows>.
Error: (09/18/2019 07:41:38 AM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: Službě Windows Search se nepodařilo vytvořit nový vyhledávací index. Došlo k vnitřní chybě <8, 0x8007000f, Nepodařilo se najít aplikaci pro získávání dat: Windows>.
Error: (09/18/2019 07:41:33 AM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: Službě Windows Search se nepodařilo vytvořit nový vyhledávací index. Došlo k vnitřní chybě <8, 0x8007000f, Nepodařilo se najít aplikaci pro získávání dat: Windows>.
Error: (09/18/2019 07:41:28 AM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: Službě Windows Search se nepodařilo vytvořit nový vyhledávací index. Došlo k vnitřní chybě <8, 0x8007000f, Nepodařilo se najít aplikaci pro získávání dat: Windows>.
Error: (09/18/2019 07:39:11 AM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: Službě Windows Search se nepodařilo vytvořit nový vyhledávací index. Došlo k vnitřní chybě <8, 0x8007000f, Nepodařilo se najít aplikaci pro získávání dat: Windows>.
Error: (09/18/2019 07:37:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LegacyCsLoaderService.exe, verze: 1.9.6.80, časové razítko: 0x58059006
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.799, časové razítko: 0x08a3d2a4
Kód výjimky: 0x40000015
Posun chyby: 0x000000000003a388
ID chybujícího procesu: 0xe08
Čas spuštění chybující aplikace: 0x01d56d83461f9c47
Cesta k chybující aplikaci: C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: adfc988e-734e-4aa1-b518-46562ee0fc35
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (09/18/2019 07:37:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IntelTechnologyAccessService.exe, verze: 1.9.6.80, časové razítko: 0x58058ff0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.799, časové razítko: 0x08a3d2a4
Kód výjimky: 0x40000015
Posun chyby: 0x000000000003a388
ID chybujícího procesu: 0xdbc
Čas spuštění chybující aplikace: 0x01d56d83461d6fd7
Cesta k chybující aplikaci: C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: a8a5629f-ffb0-4077-9a53-e914acf7eb18
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (09/18/2019 07:41:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Search byla neočekávaně ukončena. Tento stav nastal již 28krát.
Error: (09/18/2019 07:41:58 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Search byla ukončena s následující chybou:
Systém nemůže nalézt uvedenou jednotku.
Error: (09/18/2019 07:41:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Search byla neočekávaně ukončena. Tento stav nastal již 27krát.
Error: (09/18/2019 07:41:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Search byla ukončena s následující chybou:
Systém nemůže nalézt uvedenou jednotku.
Error: (09/18/2019 07:41:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Search byla neočekávaně ukončena. Tento stav nastal již 26krát.
Error: (09/18/2019 07:41:38 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Search byla ukončena s následující chybou:
Systém nemůže nalézt uvedenou jednotku.
Error: (09/18/2019 07:41:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Search byla neočekávaně ukončena. Tento stav nastal již 25krát.
Error: (09/18/2019 07:41:33 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Search byla ukončena s následující chybou:
Systém nemůže nalézt uvedenou jednotku.
CodeIntegrity:
===================================
Date: 2019-09-18 07:43:33.486
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-18 07:43:33.481
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-18 07:43:33.409
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-18 07:43:33.403
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-17 23:09:49.181
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-17 23:09:49.179
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-17 20:11:06.433
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-09-15 22:57:10.560
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 2003 09/19/2016
Motherboard: ASUSTeK COMPUTER INC. Z170 PRO GAMING
Processor: Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
Percentage of memory in use: 29%
Total physical RAM: 16274.71 MB
Available physical RAM: 11485.36 MB
Total Virtual: 19986.71 MB
Available Virtual: 14131.59 MB
==================== Drives ================================
Drive c: (SYSTEM) (Fixed) (Total:97.19 GB) (Free:14.98 GB) NTFS
Drive d: (HRY) (Fixed) (Total:984.11 GB) (Free:69.74 GB) NTFS
Drive e: (SOFTWARE) (Fixed) (Total:134.74 GB) (Free:43.05 GB) NTFS
Drive f: (DATA) (Fixed) (Total:585.94 GB) (Free:59.59 GB) NTFS
Drive g: (MOGC) (Fixed) (Total:292.97 GB) (Free:241.56 GB) NTFS
\\?\Volume{0aa624b1-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{0aa624b1-0000-0000-0000-506b18000000}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 0AA624B1)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=478 MB) - (Type=27)
Partition 4: (Not Active) - (Size=134.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 3E4A63B1)
Partition 1: (Not Active) - (Size=984.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=585.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
-
palandinin
- Návštěvník
- Příspěvky: 9
- Registrován: 15 zář 2019 09:27
Re: prosím o preventivní kontrolu
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-09-2019
Ran by Jirka (administrator) on DESKTOP-PC2JKS5 (18-09-2019 07:41:58)
Running from C:\Users\Jirka\Desktop
Loaded Profiles: Jirka (Available Profiles: Jirka)
Platform: Windows 10 Home Version 1803 17134.829 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
() [File not signed] E:\print studio\Autodesk Print Studio\PM\spark-print-mgr\bin\win\nssm.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\AsPowerBar.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.17\AsusFanControlService.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(ASUSTeK Computer Inc. -> ASUSTeK) C:\Program Files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe
(Autodesk Inc -> Autodesk) C:\Users\Jirka\Autodesk\Genuine Service\GenuineService.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.) E:\SolidWorks 2017\SOLIDWORKS\sldworks_fs.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) Online Connect -> Intel Corporation) C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
(Intel(R) Online Connect Access -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
(Intel(R) Online Connect Access -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\igfxEM.exe
(Joyent, Inc -> Joyent, Inc) E:\print studio\Autodesk Print Studio\PM\spark-print-mgr\bin\win\node.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SafeNet, Inc. -> SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Safer Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc. -> VMware, Inc.) E:\VMware Workstation\vmware-authd.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-08-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSRAMCACHE] => C:\Program Files (x86)\ASUSRAMCACHE\RamCache.exe [4325520 2017-02-06] (FNet Co., Ltd. -> FNet Co., Ltd.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [708904 2018-05-09] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5888320 2019-09-05] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2013-04-15] (Power Software Ltd -> Power Software Ltd)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => E:\VMware Workstation\vmware-tray.exe [115688 2017-09-18] (VMware, Inc. -> VMware, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3210528 2019-08-22] (Valve -> Valve Corporation)
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) [File not signed]
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [83523944 2019-08-08] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\MountPoints2: I - "I:\setup.exe"
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\ASUS\GPU TweakII\Monitor.exe [2688952 2016-05-26] (ASUSTeK Computer Inc. -> TODO: <Company name>)
HKU\S-1-5-18\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [6508496 2016-06-14] (ASUSTeK Computer Inc. -> TODO: <Company name>)
HKU\S-1-5-18\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [6508496 2016-06-14] (ASUSTeK Computer Inc. -> TODO: <Company name>)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\ASUS\GPU TweakII\Monitor.exe [2688952 2016-05-26] (ASUSTeK Computer Inc. -> TODO: <Company name>)
HKU\S-1-5-18\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [6508496 2016-06-14] (ASUSTeK Computer Inc. -> TODO: <Company name>)
HKU\S-1-5-18\...\RunOnce: [Application Restart #5] => C:\Program Files (x86)\ASUS\GPU TweakII\Monitor.exe [2688952 2016-05-26] (ASUSTeK Computer Inc. -> TODO: <Company name>)
HKU\S-1-5-18\...\RunOnce: [Application Restart #7] => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [6508496 2016-06-14] (ASUSTeK Computer Inc. -> TODO: <Company name>)
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\Installer\chrmstp.exe [2019-08-28] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2017 Rychlé spuštění.lnk [2018-04-01]
ShortcutTarget: SOLIDWORKS 2017 Rychlé spuštění.lnk -> C:\Windows\Installer\{BB965FD0-077F-4CA4-BFD1-39FFEFF15770}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Nástroj pro stahování na pozadí.lnk [2018-02-21]
ShortcutTarget: SolidWorks Nástroj pro stahování na pozadí.lnk -> C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.)
Startup: C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GenuineService.lnk [2019-06-15]
ShortcutTarget: GenuineService.lnk -> C:\Users\Jirka\Autodesk\Genuine Service\GenuineService.exe (Autodesk Inc -> Autodesk)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0079D318-3766-4E4F-8D7F-ADA8F2897769} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4068864 2016-09-20] (TODO: <Company name>) [File not signed]
Task: {0645D363-BB7F-46D5-BF65-3A7EED8BB86C} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1290200 2016-11-29] (ASUSTeK Computer Inc. -> )
Task: {0C41656C-F70A-4CA3-9B81-803852AABACD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4467864 2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A22F2FB-1BA3-4D99-BCE0-19DF57E777DA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367016 2019-08-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A5E9B08-289D-49BE-B5B1-D1FB3468F82E} - System32\Tasks\Intel PTT EK Recertification
Task: {1F9F8480-511E-4141-9176-63CCED30AD2A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [117296 2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {33858A09-02DE-4D49-96D6-A9B2473A25BA} - System32\Tasks\AutoPico Daily Restart => F:\stazene [Argument = soubory\KMSpico 10.2.0 FINAL + Portable (Office and Windows 10 Activator) [TechTools]\Nová složka\AutoPico.exe /silent]
Task: {364BC527-DD1C-41BF-8074-3FEB6BE04400} - System32\Tasks\{0DE4F31D-8F67-4EB9-8D23-CA87B7C5811A}
Task: {36F41084-F57B-4E21-8FC5-C6EFA033784C} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-PC2JKS5-Jirka
Task: {37ED2397-B478-4F7F-B9F8-2B635B990B2E} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877368 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {410E2BE2-6E3C-44EE-AA8C-3F1E11EB4442} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [117296 2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {4540E921-1848-450D-A47F-2A472DAAA71D} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe
Task: {46191D2F-C912-4A12-9B33-B895B08E0E12} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-21] (Google Inc -> Google Inc.)
Task: {469B6FD1-7F2D-4718-A822-A8F8CEE3E4A2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4467864 2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {4A485ACE-AB54-4206-AA99-C3A2138943F8} - System32\Tasks\ASUS\ASUS Media Streamer DMR => C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe
Task: {4EDF0776-CFB7-41DD-904D-CC27876A3F57} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [6193080 2016-03-21] (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed]
Task: {523F7B0E-1436-4455-8ED0-744301244BD5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5753752 2016-03-21] (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed]
Task: {5345CA82-562E-41DF-9663-2FD7CE0427A3} - System32\Tasks\Opera scheduled Autoupdate 1549672802
Task: {5A2D2E65-98DE-4F2A-A47E-61C89E01D168} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe
Task: {5B043FE3-1A90-415A-A7A1-68E539101B5B} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [1459152 2015-09-10] (ASUSTeK Computer Inc. -> )
Task: {614A83B3-5B3A-4008-9C64-75D4744B977E} - System32\Tasks\Update Manager
Task: {6B2C74BC-2FF3-4C15-9CDB-F1B51244CD15} - System32\Tasks\{7A8E1286-645E-46AD-856C-FB1AC4DCE360}
Task: {6C3A1A6E-DD47-466D-B510-1745FB074148} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849720 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7191E7CA-4FFD-4D8F-B294-5CD5DE215EC3} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [591160 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {740E3197-8950-4C2E-964E-F1097A7C8EB2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-10] (Piriform Ltd -> Piriform Ltd)
Task: {7C606972-3804-4264-82B0-8CA215EEEC10} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1428624 2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E3A8F47-0A7A-44ED-95B2-5774037E5444} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367016 2019-08-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {7F3B6939-A8D4-4B16-9850-E797F6AE749A} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-10] (Dropbox, Inc -> Dropbox, Inc.)
Task: {839D8856-B8B2-4708-B460-3A7FD7685959} - System32\Tasks\Adobe Acrobat Update Task
Task: {895B85B7-1FC2-4E42-9A99-94239628DB4B} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [1957848 2016-11-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {9A515EA6-1181-4BD3-942B-6F59BFC0A12C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-21] (Google Inc -> Google Inc.)
Task: {9A66194F-ED08-4810-8A06-6250CE972D35} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9F6D02B4-F4FB-4C4B-8218-9CD74178DBBF} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-PC2JKS5-Jirka
Task: {B39B0309-C391-4091-A161-21162EA6DF86} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1428624 2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {B3BA0DEC-81D2-407B-82A6-A8AC50293298} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-10] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B5ABFE21-4F65-4164-B20A-90614389A6C9} - System32\Tasks\Adobe Flash Player Updater
Task: {C9380C0C-BE7F-4C8F-B080-05A748E8F278} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849720 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CA55C9A9-E5AD-4DEE-9F1E-1F8916A70924} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
Task: {CB410B19-26C5-44E1-8E1D-E11D9F959424} - System32\Tasks\Opera scheduled Autoupdate 1555070287 => E:\Opera\launcher.exe [1520152 2019-09-03] (Opera Software AS -> Opera Software)
Task: {DBD8CD6D-4411-424C-A2BC-B103DA4FB72C} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {DE17FEB7-3399-432E-B009-A76CC7B8D524} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2045832 2019-08-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {DF7323FC-22F8-4D09-AE9D-2D4AB275EFC2} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon
Task: {E551032D-E32B-4F41-80F8-447D881B1F7D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3942792 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
Task: {E672BB8B-74E8-4F67-B255-AA27647A6142} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [3646264 2014-05-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {E7981D6E-640F-419A-BF3B-17F9126FAA7F} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [238392 2013-07-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {E93253F8-44D5-4D0A-B2D1-C20CE1A58806} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877368 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E9391356-943A-41F9-9C6E-FCF8CAD5C5FA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [4747720 2014-06-27] (Safer Networking Ltd. -> Safer-Networking Ltd.)
Task: {EAA356FC-2184-496B-AB52-1262687AFD28} - System32\Tasks\CCleaner Update
Task: {EC6CA8AC-7F8D-4973-B0A7-0FB56A1B7695} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7
Task: {EF3650BE-B09C-4EE3-B8E1-57B6BC04F879} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
Task: {F6680FC3-20A7-42E9-91EF-FA4C24109EAA} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877368 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FCC9F378-913F-41D5-99CC-B9703F2F4886} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877368 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{389b8ba4-50fe-4d06-9133-c7331deda2b6}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{831b9168-c0f0-4678-81d4-80aa171a9b9d}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2017-12-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2017-12-27] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - No File
Edge:
======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
FireFox:
========
FF DefaultProfile: 96wq1v98.default
FF ProfilePath: C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\96wq1v98.default [2019-09-18]
FF user.js: detected! => C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\96wq1v98.default\user.js [2017-06-29]
FF DownloadDir: F:
FF Homepage: Mozilla\Firefox\Profiles\96wq1v98.default -> google.cz
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\96wq1v98.default\Extensions\sp@avast.com.xpi [2019-09-12]
FF Extension: (Zhasnout světla) - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\96wq1v98.default\Extensions\stefanvandamme@stefanvd.net.xpi [2019-07-02]
FF Extension: (Avast Online Security) - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\96wq1v98.default\Extensions\wrc@avast.com.xpi [2019-09-09]
FF Extension: (No Name) - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\96wq1v98.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-08-23]
FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> E:\SolidWorks 2017\SOLIDWORKS Composer Player\Bin\npcomposerplayerwebplugin.dll [2016-11-23] (Dassault Systemes SE -> Dassault Systemes)
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-10-08] (Adobe Systems Incorporated -> )
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> E:\SolidWorks 2017\SOLIDWORKS Composer Player\Bin\x86\npcomposerplayerwebplugin.dll [2016-11-23] (Dassault Systemes SE -> Dassault Systemes)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-10-08] (Adobe Systems Incorporated -> )
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2017-12-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2017-12-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
Chrome:
=======
CHR Profile: C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default [2019-07-09]
CHR Extension: (Prezentace) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-24]
CHR Extension: (Dokumenty) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-24]
CHR Extension: (Disk Google) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-05-24]
CHR Extension: (YouTube) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-24]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-18]
CHR Extension: (Tabulky) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-04]
CHR Extension: (Avast Online Security) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-03-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-24]
CHR Extension: (Gmail) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-05-24]
CHR Extension: (Chrome Media Router) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-26]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1388920 2018-05-09] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-05-08] (ASUSTeK Computer Inc. -> )
S2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2016-05-27] () [File not signed]
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2015-05-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-09-26] (ASUSTeK Computer Inc. -> ) [File not signed]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.17\AsusFanControlService.exe [2394072 2016-09-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusGameFirstService; C:\Program Files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe [356632 2015-06-10] (ASUSTeK Computer Inc. -> ASUSTeK)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5975136 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [405072 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8577760 2019-03-25] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11568224 2019-08-24] (Microsoft Corporation -> Microsoft Corporation)
S3 CoordinatorServiceHost; E:\SolidWorks 2017\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [81304 2016-11-23] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-10] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-10] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-09-05] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2018-12-10] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [4621632 2015-04-14] (SafeNet, Inc. -> SafeNet Inc.)
S3 impi_hydra; C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\hydra_service.exe [880296 2016-11-23] (Intel(R) Software Development Products -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-10-13] (Intel(R) Trust Services -> Intel(R) Corporation)
U3 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25312 2016-11-01] (Intel(R) Online Connect -> Intel Corporation)
S2 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [34528 2016-11-01] (Intel(R) Online Connect -> Intel Corporation)
S3 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-10-14] (Intel(R) Software Asset Manager -> Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-17] (Intel(R) Online Connect Access -> Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-17] (Intel(R) Online Connect Access -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-11-08] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2017-02-09] (Even Balance, Inc. -> )
R2 PrintManager; E:\print studio\Autodesk Print Studio\PM\spark-print-mgr\bin\win\nssm.exe [328704 2016-06-01] () [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer Networking Ltd. -> Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed]
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2018-01-23] (SolidWorks) [File not signed]
R2 VMAuthdService; E:\VMware Workstation\vmware-authd.exe [95208 2017-09-18] (VMware, Inc. -> VMware, Inc.)
S3 VMwareHostd; E:\VMware Workstation\vmware-hostd.exe [14344168 2017-09-18] (VMware, Inc. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology Corp. -> Wacom Technology, Corp.)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R3 AndroidAFD; C:\Windows\SysWow64\drivers\AndroidAFDx64.sys [28472 2015-07-06] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] (ASUSTeK Computer Inc. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [209552 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [263008 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [205848 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61472 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-08] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [282768 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [169408 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030784 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [478096 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [387176 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R1 cbfs6; C:\WINDOWS\system32\drivers\cbfs6.sys [460992 2016-08-03] (EldoS Corporation -> /n software, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30352 2017-02-06] (Disc Soft Ltd -> Disc Soft Ltd)
R0 FNETHYRAMAS; C:\WINDOWS\System32\drivers\FNETHYRAMAS.SYS [45688 2017-02-06] (FNet Co., Ltd. -> FNet Co., Ltd.)
R1 FNETURPX; C:\WINDOWS\System32\drivers\FNETURPX.SYS [16648 2017-02-06] (FNet Co., Ltd. -> FNet Co., Ltd.)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [331608 2015-04-14] (SafeNet, Inc. -> SafeNet Inc.)
S3 hidkmdf; C:\WINDOWS\System32\drivers\hidkmdf.sys [14136 2014-08-06] (Wacom Technology Corp. -> Windows (R) Win 7 DDK provider)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2014-10-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel(R) Technology Access -> Intel Corporation)
R1 NFC_Driver; C:\WINDOWS\System32\drivers\NFC_Driver.sys [48336 2015-06-11] (Tech Titan Limited -> Titan ARC Corp.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_37ec54c19854e219\nvlddmkm.sys [20747736 2019-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 qcusbnet; C:\WINDOWS\System32\drivers\qcusbnet.sys [428600 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [52288 2017-09-18] (VMware, Inc. -> VMware, Inc.)
R3 vpnpbus; C:\WINDOWS\System32\drivers\vpnpbus.sys [18624 2016-08-03] (EldoS Corporation -> /n software, Inc.)
R0 vsock; C:\WINDOWS\system32\DRIVERS\vsock.sys [91712 2017-09-05] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [38376 2017-05-05] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-09-18 07:41 - 2019-09-18 07:43 - 000049128 ____C C:\Users\Jirka\Desktop\FRST.txt
2019-09-18 07:41 - 2019-09-18 07:41 - 001614848 ____C (Farbar) C:\Users\Jirka\Desktop\FRST64.exe
2019-09-18 07:41 - 2019-09-18 07:41 - 000000000 ____D C:\FRST
2019-09-17 20:11 - 2019-09-18 07:36 - 000000000 __SHD C:\Users\Jirka\IntelGraphicsProfiles
2019-09-17 20:11 - 2019-09-17 20:12 - 000000000 ___DC C:\Users\Jirka\AppData\Local\Intel
2019-09-17 20:11 - 2019-09-17 20:11 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2019-09-17 20:11 - 2019-09-17 20:11 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2019-09-15 22:48 - 2019-09-15 22:56 - 000000000 ____D C:\AdwCleaner
2019-09-15 22:48 - 2019-09-15 22:47 - 007622344 ____C (Malwarebytes) C:\Users\Jirka\Desktop\adwcleaner_7.4.1.exe
2019-09-15 10:32 - 2019-09-15 10:33 - 000000000 ____D C:\rsit
2019-09-15 10:32 - 2019-09-15 10:32 - 000000000 ____D C:\Program Files\trend micro
2019-09-15 10:32 - 2019-09-15 10:31 - 001222144 ____C C:\Users\Jirka\Desktop\RSITx64.exe
2019-09-15 10:24 - 2019-09-15 10:24 - 000000000 ____C C:\Users\Jirka\Desktop\Nový textový dokument.txt
2019-09-13 18:10 - 2019-09-13 18:10 - 000022463 ____C C:\Users\Jirka\AppData\Local\recently-used.xbel
2019-09-10 00:12 - 2019-09-10 00:12 - 000000000 ____D C:\ProgramData\LogiShrd
2019-09-09 23:57 - 2019-09-09 23:57 - 000000000 ___DC C:\Users\Jirka\AppData\Local\Logitech
2019-09-09 23:47 - 2019-09-09 23:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2019-09-09 23:46 - 2019-09-09 23:47 - 000000000 ____D C:\Program Files\Logitech Gaming Software
2019-09-09 23:35 - 2019-09-09 23:40 - 125871888 _____ (Logitech Inc.) C:\Users\Jirka\Downloads\LGS_9.02.65_x64_Logitech.exe
2019-09-09 23:33 - 2019-09-09 23:33 - 000000000 ___DC C:\Users\Jirka\AppData\Roaming\Logitech
2019-09-09 23:33 - 2019-09-09 23:33 - 000000000 ___DC C:\Users\Jirka\AppData\Roaming\Logishrd
2019-09-09 23:22 - 2019-09-11 00:07 - 000000394 ____C C:\Users\Jirka\Desktop\TODAYYY.txt
2019-09-09 23:17 - 2019-09-09 23:21 - 112859648 _____ (Logitech Inc.) C:\Users\Jirka\Downloads\LGS_9.00.42_x86_Logitech.exe
2019-09-09 10:01 - 2019-09-09 10:01 - 018021376 ____C C:\unp307627243652816194i-manual.mdmp
2019-09-09 10:01 - 2019-09-09 10:01 - 018019006 ____C C:\unp307627243649848135i-manual.mdmp
2019-09-09 10:01 - 2019-09-09 10:01 - 018000219 ____C C:\unp307627243641881064i-manual.mdmp
2019-09-09 10:01 - 2019-09-09 10:01 - 000363912 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-09-09 10:01 - 2019-09-09 10:01 - 000236024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-09-09 10:01 - 2019-09-09 10:01 - 000169408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-09-07 02:01 - 2019-09-07 02:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-09-06 00:31 - 2019-09-06 00:31 - 000000571 _____ C:\Users\Public\Desktop\World of Warcraft Classic.lnk
2019-09-05 14:18 - 2019-09-05 14:18 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-09-05 14:18 - 2019-09-05 14:18 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-09-05 14:18 - 2019-09-05 14:18 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-09-05 14:18 - 2019-09-05 14:18 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-09-04 13:37 - 2019-09-04 13:37 - 000951216 _____ C:\Users\Jirka\Downloads\brikstar_cz.pdf
2019-09-04 13:37 - 2019-09-04 13:37 - 000618696 _____ C:\Users\Jirka\Downloads\Lisy-na-kovy-2014_CZ.pdf
2019-09-03 18:55 - 2019-09-03 18:55 - 000141982 ____C C:\Users\Jirka\Downloads\Zeď _ Návrat do reality.html
2019-09-03 18:55 - 2019-09-03 18:55 - 000000000 ____D C:\Users\Jirka\Downloads\Zeď _ Návrat do reality_files
2019-08-31 14:51 - 2019-08-31 14:51 - 000002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-08-31 14:51 - 2019-08-31 14:51 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-08-31 14:51 - 2019-08-31 14:51 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-08-31 14:51 - 2019-08-31 14:51 - 000002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-08-31 14:51 - 2019-08-31 14:51 - 000002461 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-08-31 14:51 - 2019-08-31 14:51 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-08-31 14:51 - 2019-08-31 14:51 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-08-31 14:51 - 2019-08-31 14:51 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-08-31 14:51 - 2019-08-31 14:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-08-29 18:01 - 2019-08-29 18:02 - 000000000 ___HD C:\$WINDOWS.~BT
2019-08-23 17:02 - 2019-09-04 23:03 - 000000000 ___DC C:\Users\Jirka\AppData\Roaming\kicad
2019-08-23 16:42 - 2019-08-23 16:42 - 000000799 _____ C:\Users\Public\Desktop\FreeCAD 0.18.lnk
2019-08-23 16:42 - 2019-08-23 16:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCAD 0.18
2019-08-23 14:04 - 2019-08-23 14:04 - 005829478 _____ C:\Users\Jirka\Downloads\05 HIWIN katalog Polohovaci systemy-2017.pdf
2019-08-23 14:04 - 2019-08-23 14:04 - 000151360 _____ C:\Users\Jirka\Downloads\Katalogovy_list_LMG2A_CB6_CC8 (1).pdf
2019-08-23 14:04 - 2019-08-23 14:04 - 000000635 _____ C:\Users\Public\Desktop\KiCad.lnk
2019-08-23 14:04 - 2019-08-23 14:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KiCad
2019-08-23 08:26 - 2019-08-29 18:02 - 000000000 ____D C:\WINDOWS\Panther
2019-08-23 01:52 - 2019-08-23 02:08 - 1208015904 _____ (KiCad) C:\Users\Jirka\Downloads\kicad-5.1.4_1-x86_64.exe
2019-08-21 22:06 - 2019-08-21 22:06 - 000066008 _____ C:\Users\Jirka\Downloads\Záloha_křivky.cdr
2019-08-21 22:06 - 2019-08-21 22:06 - 000055823 _____ C:\Users\Jirka\Downloads\křivky.cdr
2019-08-21 20:56 - 2019-08-21 20:56 - 000001441 _____ C:\Users\Jirka\Downloads\67a7df339aa999e2bcfcfec88311abfc-761a7688fba3668a84b2dfe42a655a1b246ca193.zip
2019-08-19 03:02 - 2019-08-19 03:02 - 000000000 ___DC C:\Users\Jirka\Documents\Corel
2019-08-19 00:15 - 2019-08-19 00:15 - 000151360 _____ C:\Users\Jirka\Downloads\Katalogovy_list_LMG2A_CB6_CC8.pdf
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-09-18 07:37 - 2018-07-19 13:12 - 000000000 ___DC C:\Users\Jirka\AppData\Local\AVAST Software
2019-09-18 07:37 - 2018-05-18 19:32 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-09-18 07:36 - 2017-04-18 18:11 - 000000000 ___DC C:\Users\Jirka\AppData\LocalLow\Mozilla
2019-09-17 23:09 - 2018-05-18 19:28 - 000000000 ____D C:\Users\Jirka
2019-09-17 23:09 - 2018-05-18 19:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-09-17 23:09 - 2017-02-07 19:34 - 000000000 ____D C:\ProgramData\NVIDIA
2019-09-17 23:06 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-09-17 20:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-09-17 20:18 - 2018-05-18 19:36 - 001680254 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-09-17 20:18 - 2018-04-12 17:50 - 000712392 _____ C:\WINDOWS\system32\perfh005.dat
2019-09-17 20:18 - 2018-04-12 17:50 - 000143436 _____ C:\WINDOWS\system32\perfc005.dat
2019-09-17 20:18 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-09-17 20:11 - 2018-09-17 00:21 - 000000000 ____D C:\ProgramData\VMware
2019-09-17 20:11 - 2018-05-18 19:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-09-17 20:11 - 2017-02-08 21:05 - 000000000 ___DC C:\Intel
2019-09-17 20:11 - 2017-02-06 22:43 - 000000000 ____D C:\ProgramData\Intel
2019-09-17 20:11 - 2017-02-06 22:35 - 000000000 ____D C:\Program Files\Intel
2019-09-15 22:56 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-09-15 22:56 - 2017-12-14 17:17 - 000000000 ____D C:\ProgramData\Nero
2019-09-15 22:56 - 2017-02-06 22:04 - 000000000 ____D C:\Program Files (x86)\ASUS
2019-09-15 11:28 - 2018-05-18 19:26 - 001565520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-09-15 11:27 - 2018-06-27 02:47 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2019-09-15 11:27 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-09-15 11:27 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-09-15 11:27 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-09-15 11:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-09-15 11:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-09-15 11:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-09-15 11:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-09-15 11:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-09-15 11:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-09-15 11:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-09-15 11:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-09-15 11:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-09-15 11:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-09-15 11:27 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-09-15 11:21 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-09-15 10:14 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-09-13 18:45 - 2017-02-18 12:38 - 000000000 __RDC C:\Users\Jirka\Desktop\docs
2019-09-13 18:15 - 2019-04-03 12:17 - 000000000 ___DC C:\Users\Jirka\AppData\Local\babl-0.1
2019-09-13 18:10 - 2017-08-30 18:23 - 000000000 ___DC C:\Users\Jirka\AppData\Local\gtk-2.0
2019-09-12 23:54 - 2019-04-12 13:58 - 000003444 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1555070287
2019-09-12 23:54 - 2019-04-05 21:26 - 000002310 _____ C:\WINDOWS\System32\Tasks\Adobe Uninstaller
2019-09-12 23:54 - 2018-07-27 19:03 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-12 23:54 - 2018-07-27 19:03 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-12 23:54 - 2018-07-27 19:03 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-12 23:54 - 2018-05-18 19:32 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-09-12 23:54 - 2018-05-18 19:32 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-09-12 23:54 - 2018-05-18 19:32 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-12 23:54 - 2018-05-18 19:32 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-12 23:54 - 2018-05-18 19:32 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-12 23:54 - 2018-05-18 19:32 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-12 23:54 - 2018-05-18 19:32 - 000002712 _____ C:\WINDOWS\System32\Tasks\AutoPico Daily Restart
2019-09-12 23:54 - 2018-05-18 19:32 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-09-12 23:54 - 2018-05-18 19:32 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-09-12 23:50 - 2017-02-08 17:09 - 000000000 ___DC C:\Users\Jirka\AppData\Local\CrashDumps
2019-09-12 23:26 - 2018-05-18 20:43 - 000000000 ___DC C:\Users\Jirka\AppData\Local\D3DSCache
2019-09-12 01:13 - 2017-07-24 01:30 - 000000000 ___DC C:\Users\Jirka\AppData\Local\Battle.net
2019-09-12 00:43 - 2017-04-02 11:18 - 000000000 ____D C:\Program Files (x86)\Steam
2019-09-09 10:07 - 2018-01-27 19:40 - 000478096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-09-09 10:01 - 2019-02-20 21:11 - 000282768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-09-09 10:01 - 2019-01-14 16:45 - 000263008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-09-09 10:01 - 2019-01-08 20:45 - 000205848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-09-09 10:01 - 2019-01-08 20:45 - 000061472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-09-09 10:01 - 2019-01-08 20:45 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-09-09 10:01 - 2018-10-22 12:07 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-09-09 10:01 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-09-09 10:01 - 2018-01-27 19:40 - 001030784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-09-09 10:01 - 2018-01-27 19:40 - 000387176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-09-09 10:01 - 2018-01-27 19:40 - 000209552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-09-09 10:01 - 2018-01-27 19:40 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-09-09 10:01 - 2018-01-27 19:40 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-09-07 13:17 - 2017-06-13 17:41 - 000000000 ____D C:\Temp
2019-09-07 02:01 - 2017-04-10 15:22 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-09-06 17:42 - 2017-04-18 17:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-09-06 17:42 - 2017-04-18 17:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-09-06 11:31 - 2019-04-12 13:58 - 000000728 ____C C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-09-06 11:31 - 2017-04-18 17:43 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-09-06 01:52 - 2018-07-16 03:50 - 000000000 ___DC C:\Users\Jirka\AppData\Roaming\Stellarium
2019-09-02 23:51 - 2018-07-10 16:51 - 000000000 ___DC C:\Users\Jirka\Documents\StarCraft II
2019-09-02 20:19 - 2017-04-17 20:28 - 000000000 ___DC C:\Users\Jirka\AppData\Local\Blizzard Entertainment
2019-09-01 05:57 - 2018-05-23 13:27 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-09-01 05:57 - 2018-05-23 13:27 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-08-31 14:49 - 2017-02-14 18:53 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-08-30 17:49 - 2019-08-04 18:03 - 000212992 _____ C:\WINDOWS\system32\ClickToRun_Pipeline16
2019-08-30 17:17 - 2017-09-29 19:50 - 000000000 ____D C:\Program Files\rempl
2019-08-28 02:12 - 2017-12-21 21:24 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-28 01:18 - 2018-10-29 16:25 - 000000000 ___DC C:\Users\Jirka\Documents\The Witcher 3
2019-08-25 17:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-08-23 17:10 - 2019-08-18 21:55 - 000000000 ___DC C:\Users\Jirka\AppData\Roaming\Corel
2019-08-23 17:10 - 2019-08-18 21:44 - 000000000 ____D C:\ProgramData\Corel
2019-08-23 17:06 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-08-22 12:12 - 2017-04-10 15:22 - 000000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2019-08-22 12:12 - 2017-04-10 15:22 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2019-08-21 18:02 - 2018-05-18 19:32 - 000004000 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2019-08-21 18:02 - 2018-05-18 19:32 - 000003768 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
==================== Files in the root of some directories ================
2018-10-01 23:12 - 2018-10-01 23:12 - 000000000 ____C () C:\Users\Jirka\AppData\Local\oobelibMkey.log
2019-09-13 18:10 - 2019-09-13 18:10 - 000022463 ____C () C:\Users\Jirka\AppData\Local\recently-used.xbel
2017-12-22 23:49 - 2017-12-22 23:49 - 000007600 ____C () C:\Users\Jirka\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Ran by Jirka (administrator) on DESKTOP-PC2JKS5 (18-09-2019 07:41:58)
Running from C:\Users\Jirka\Desktop
Loaded Profiles: Jirka (Available Profiles: Jirka)
Platform: Windows 10 Home Version 1803 17134.829 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
() [File not signed] E:\print studio\Autodesk Print Studio\PM\spark-print-mgr\bin\win\nssm.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\AsPowerBar.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.17\AsusFanControlService.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(ASUSTeK Computer Inc. -> ASUSTeK) C:\Program Files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe
(Autodesk Inc -> Autodesk) C:\Users\Jirka\Autodesk\Genuine Service\GenuineService.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.) E:\SolidWorks 2017\SOLIDWORKS\sldworks_fs.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) Online Connect -> Intel Corporation) C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
(Intel(R) Online Connect Access -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
(Intel(R) Online Connect Access -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\igfxEM.exe
(Joyent, Inc -> Joyent, Inc) E:\print studio\Autodesk Print Studio\PM\spark-print-mgr\bin\win\node.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SafeNet, Inc. -> SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Safer Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc. -> VMware, Inc.) E:\VMware Workstation\vmware-authd.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-08-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSRAMCACHE] => C:\Program Files (x86)\ASUSRAMCACHE\RamCache.exe [4325520 2017-02-06] (FNet Co., Ltd. -> FNet Co., Ltd.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [708904 2018-05-09] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5888320 2019-09-05] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2013-04-15] (Power Software Ltd -> Power Software Ltd)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => E:\VMware Workstation\vmware-tray.exe [115688 2017-09-18] (VMware, Inc. -> VMware, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3210528 2019-08-22] (Valve -> Valve Corporation)
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) [File not signed]
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [83523944 2019-08-08] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001\...\MountPoints2: I - "I:\setup.exe"
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\ASUS\GPU TweakII\Monitor.exe [2688952 2016-05-26] (ASUSTeK Computer Inc. -> TODO: <Company name>)
HKU\S-1-5-18\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [6508496 2016-06-14] (ASUSTeK Computer Inc. -> TODO: <Company name>)
HKU\S-1-5-18\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [6508496 2016-06-14] (ASUSTeK Computer Inc. -> TODO: <Company name>)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\ASUS\GPU TweakII\Monitor.exe [2688952 2016-05-26] (ASUSTeK Computer Inc. -> TODO: <Company name>)
HKU\S-1-5-18\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [6508496 2016-06-14] (ASUSTeK Computer Inc. -> TODO: <Company name>)
HKU\S-1-5-18\...\RunOnce: [Application Restart #5] => C:\Program Files (x86)\ASUS\GPU TweakII\Monitor.exe [2688952 2016-05-26] (ASUSTeK Computer Inc. -> TODO: <Company name>)
HKU\S-1-5-18\...\RunOnce: [Application Restart #7] => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [6508496 2016-06-14] (ASUSTeK Computer Inc. -> TODO: <Company name>)
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\Installer\chrmstp.exe [2019-08-28] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2017 Rychlé spuštění.lnk [2018-04-01]
ShortcutTarget: SOLIDWORKS 2017 Rychlé spuštění.lnk -> C:\Windows\Installer\{BB965FD0-077F-4CA4-BFD1-39FFEFF15770}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Nástroj pro stahování na pozadí.lnk [2018-02-21]
ShortcutTarget: SolidWorks Nástroj pro stahování na pozadí.lnk -> C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.)
Startup: C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GenuineService.lnk [2019-06-15]
ShortcutTarget: GenuineService.lnk -> C:\Users\Jirka\Autodesk\Genuine Service\GenuineService.exe (Autodesk Inc -> Autodesk)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0079D318-3766-4E4F-8D7F-ADA8F2897769} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4068864 2016-09-20] (TODO: <Company name>) [File not signed]
Task: {0645D363-BB7F-46D5-BF65-3A7EED8BB86C} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1290200 2016-11-29] (ASUSTeK Computer Inc. -> )
Task: {0C41656C-F70A-4CA3-9B81-803852AABACD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4467864 2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A22F2FB-1BA3-4D99-BCE0-19DF57E777DA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367016 2019-08-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A5E9B08-289D-49BE-B5B1-D1FB3468F82E} - System32\Tasks\Intel PTT EK Recertification
Task: {1F9F8480-511E-4141-9176-63CCED30AD2A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [117296 2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {33858A09-02DE-4D49-96D6-A9B2473A25BA} - System32\Tasks\AutoPico Daily Restart => F:\stazene [Argument = soubory\KMSpico 10.2.0 FINAL + Portable (Office and Windows 10 Activator) [TechTools]\Nová složka\AutoPico.exe /silent]
Task: {364BC527-DD1C-41BF-8074-3FEB6BE04400} - System32\Tasks\{0DE4F31D-8F67-4EB9-8D23-CA87B7C5811A}
Task: {36F41084-F57B-4E21-8FC5-C6EFA033784C} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-PC2JKS5-Jirka
Task: {37ED2397-B478-4F7F-B9F8-2B635B990B2E} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877368 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {410E2BE2-6E3C-44EE-AA8C-3F1E11EB4442} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [117296 2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {4540E921-1848-450D-A47F-2A472DAAA71D} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe
Task: {46191D2F-C912-4A12-9B33-B895B08E0E12} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-21] (Google Inc -> Google Inc.)
Task: {469B6FD1-7F2D-4718-A822-A8F8CEE3E4A2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4467864 2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {4A485ACE-AB54-4206-AA99-C3A2138943F8} - System32\Tasks\ASUS\ASUS Media Streamer DMR => C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe
Task: {4EDF0776-CFB7-41DD-904D-CC27876A3F57} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [6193080 2016-03-21] (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed]
Task: {523F7B0E-1436-4455-8ED0-744301244BD5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5753752 2016-03-21] (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed]
Task: {5345CA82-562E-41DF-9663-2FD7CE0427A3} - System32\Tasks\Opera scheduled Autoupdate 1549672802
Task: {5A2D2E65-98DE-4F2A-A47E-61C89E01D168} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe
Task: {5B043FE3-1A90-415A-A7A1-68E539101B5B} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [1459152 2015-09-10] (ASUSTeK Computer Inc. -> )
Task: {614A83B3-5B3A-4008-9C64-75D4744B977E} - System32\Tasks\Update Manager
Task: {6B2C74BC-2FF3-4C15-9CDB-F1B51244CD15} - System32\Tasks\{7A8E1286-645E-46AD-856C-FB1AC4DCE360}
Task: {6C3A1A6E-DD47-466D-B510-1745FB074148} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849720 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7191E7CA-4FFD-4D8F-B294-5CD5DE215EC3} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [591160 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {740E3197-8950-4C2E-964E-F1097A7C8EB2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-10] (Piriform Ltd -> Piriform Ltd)
Task: {7C606972-3804-4264-82B0-8CA215EEEC10} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1428624 2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E3A8F47-0A7A-44ED-95B2-5774037E5444} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367016 2019-08-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {7F3B6939-A8D4-4B16-9850-E797F6AE749A} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-10] (Dropbox, Inc -> Dropbox, Inc.)
Task: {839D8856-B8B2-4708-B460-3A7FD7685959} - System32\Tasks\Adobe Acrobat Update Task
Task: {895B85B7-1FC2-4E42-9A99-94239628DB4B} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [1957848 2016-11-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {9A515EA6-1181-4BD3-942B-6F59BFC0A12C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-21] (Google Inc -> Google Inc.)
Task: {9A66194F-ED08-4810-8A06-6250CE972D35} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9F6D02B4-F4FB-4C4B-8218-9CD74178DBBF} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-PC2JKS5-Jirka
Task: {B39B0309-C391-4091-A161-21162EA6DF86} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1428624 2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {B3BA0DEC-81D2-407B-82A6-A8AC50293298} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-10] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B5ABFE21-4F65-4164-B20A-90614389A6C9} - System32\Tasks\Adobe Flash Player Updater
Task: {C9380C0C-BE7F-4C8F-B080-05A748E8F278} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849720 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CA55C9A9-E5AD-4DEE-9F1E-1F8916A70924} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
Task: {CB410B19-26C5-44E1-8E1D-E11D9F959424} - System32\Tasks\Opera scheduled Autoupdate 1555070287 => E:\Opera\launcher.exe [1520152 2019-09-03] (Opera Software AS -> Opera Software)
Task: {DBD8CD6D-4411-424C-A2BC-B103DA4FB72C} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {DE17FEB7-3399-432E-B009-A76CC7B8D524} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2045832 2019-08-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {DF7323FC-22F8-4D09-AE9D-2D4AB275EFC2} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon
Task: {E551032D-E32B-4F41-80F8-447D881B1F7D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3942792 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
Task: {E672BB8B-74E8-4F67-B255-AA27647A6142} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [3646264 2014-05-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {E7981D6E-640F-419A-BF3B-17F9126FAA7F} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [238392 2013-07-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {E93253F8-44D5-4D0A-B2D1-C20CE1A58806} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877368 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E9391356-943A-41F9-9C6E-FCF8CAD5C5FA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [4747720 2014-06-27] (Safer Networking Ltd. -> Safer-Networking Ltd.)
Task: {EAA356FC-2184-496B-AB52-1262687AFD28} - System32\Tasks\CCleaner Update
Task: {EC6CA8AC-7F8D-4973-B0A7-0FB56A1B7695} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7
Task: {EF3650BE-B09C-4EE3-B8E1-57B6BC04F879} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
Task: {F6680FC3-20A7-42E9-91EF-FA4C24109EAA} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877368 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FCC9F378-913F-41D5-99CC-B9703F2F4886} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877368 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{389b8ba4-50fe-4d06-9133-c7331deda2b6}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{831b9168-c0f0-4678-81d4-80aa171a9b9d}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2017-12-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2017-12-27] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - No File
Edge:
======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
FireFox:
========
FF DefaultProfile: 96wq1v98.default
FF ProfilePath: C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\96wq1v98.default [2019-09-18]
FF user.js: detected! => C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\96wq1v98.default\user.js [2017-06-29]
FF DownloadDir: F:
FF Homepage: Mozilla\Firefox\Profiles\96wq1v98.default -> google.cz
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\96wq1v98.default\Extensions\sp@avast.com.xpi [2019-09-12]
FF Extension: (Zhasnout světla) - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\96wq1v98.default\Extensions\stefanvandamme@stefanvd.net.xpi [2019-07-02]
FF Extension: (Avast Online Security) - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\96wq1v98.default\Extensions\wrc@avast.com.xpi [2019-09-09]
FF Extension: (No Name) - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\96wq1v98.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-08-23]
FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> E:\SolidWorks 2017\SOLIDWORKS Composer Player\Bin\npcomposerplayerwebplugin.dll [2016-11-23] (Dassault Systemes SE -> Dassault Systemes)
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-10-08] (Adobe Systems Incorporated -> )
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> E:\SolidWorks 2017\SOLIDWORKS Composer Player\Bin\x86\npcomposerplayerwebplugin.dll [2016-11-23] (Dassault Systemes SE -> Dassault Systemes)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-10-08] (Adobe Systems Incorporated -> )
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2017-12-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2017-12-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
Chrome:
=======
CHR Profile: C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default [2019-07-09]
CHR Extension: (Prezentace) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-24]
CHR Extension: (Dokumenty) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-24]
CHR Extension: (Disk Google) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-05-24]
CHR Extension: (YouTube) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-24]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-18]
CHR Extension: (Tabulky) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-04]
CHR Extension: (Avast Online Security) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-03-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-24]
CHR Extension: (Gmail) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-05-24]
CHR Extension: (Chrome Media Router) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-26]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1388920 2018-05-09] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-05-08] (ASUSTeK Computer Inc. -> )
S2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2016-05-27] () [File not signed]
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2015-05-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-09-26] (ASUSTeK Computer Inc. -> ) [File not signed]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.17\AsusFanControlService.exe [2394072 2016-09-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusGameFirstService; C:\Program Files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe [356632 2015-06-10] (ASUSTeK Computer Inc. -> ASUSTeK)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5975136 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [405072 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8577760 2019-03-25] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11568224 2019-08-24] (Microsoft Corporation -> Microsoft Corporation)
S3 CoordinatorServiceHost; E:\SolidWorks 2017\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [81304 2016-11-23] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-10] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-10] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-09-05] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2018-12-10] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [4621632 2015-04-14] (SafeNet, Inc. -> SafeNet Inc.)
S3 impi_hydra; C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\hydra_service.exe [880296 2016-11-23] (Intel(R) Software Development Products -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-10-13] (Intel(R) Trust Services -> Intel(R) Corporation)
U3 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25312 2016-11-01] (Intel(R) Online Connect -> Intel Corporation)
S2 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [34528 2016-11-01] (Intel(R) Online Connect -> Intel Corporation)
S3 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-10-14] (Intel(R) Software Asset Manager -> Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-17] (Intel(R) Online Connect Access -> Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-17] (Intel(R) Online Connect Access -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-11-08] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2017-02-09] (Even Balance, Inc. -> )
R2 PrintManager; E:\print studio\Autodesk Print Studio\PM\spark-print-mgr\bin\win\nssm.exe [328704 2016-06-01] () [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer Networking Ltd. -> Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed]
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2018-01-23] (SolidWorks) [File not signed]
R2 VMAuthdService; E:\VMware Workstation\vmware-authd.exe [95208 2017-09-18] (VMware, Inc. -> VMware, Inc.)
S3 VMwareHostd; E:\VMware Workstation\vmware-hostd.exe [14344168 2017-09-18] (VMware, Inc. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology Corp. -> Wacom Technology, Corp.)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R3 AndroidAFD; C:\Windows\SysWow64\drivers\AndroidAFDx64.sys [28472 2015-07-06] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] (ASUSTeK Computer Inc. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [209552 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [263008 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [205848 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61472 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-08] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [282768 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [169408 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030784 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [478096 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [387176 2019-09-09] (AVAST Software s.r.o. -> AVAST Software)
R1 cbfs6; C:\WINDOWS\system32\drivers\cbfs6.sys [460992 2016-08-03] (EldoS Corporation -> /n software, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30352 2017-02-06] (Disc Soft Ltd -> Disc Soft Ltd)
R0 FNETHYRAMAS; C:\WINDOWS\System32\drivers\FNETHYRAMAS.SYS [45688 2017-02-06] (FNet Co., Ltd. -> FNet Co., Ltd.)
R1 FNETURPX; C:\WINDOWS\System32\drivers\FNETURPX.SYS [16648 2017-02-06] (FNet Co., Ltd. -> FNet Co., Ltd.)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [331608 2015-04-14] (SafeNet, Inc. -> SafeNet Inc.)
S3 hidkmdf; C:\WINDOWS\System32\drivers\hidkmdf.sys [14136 2014-08-06] (Wacom Technology Corp. -> Windows (R) Win 7 DDK provider)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2014-10-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel(R) Technology Access -> Intel Corporation)
R1 NFC_Driver; C:\WINDOWS\System32\drivers\NFC_Driver.sys [48336 2015-06-11] (Tech Titan Limited -> Titan ARC Corp.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_37ec54c19854e219\nvlddmkm.sys [20747736 2019-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 qcusbnet; C:\WINDOWS\System32\drivers\qcusbnet.sys [428600 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [52288 2017-09-18] (VMware, Inc. -> VMware, Inc.)
R3 vpnpbus; C:\WINDOWS\System32\drivers\vpnpbus.sys [18624 2016-08-03] (EldoS Corporation -> /n software, Inc.)
R0 vsock; C:\WINDOWS\system32\DRIVERS\vsock.sys [91712 2017-09-05] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [38376 2017-05-05] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-09-18 07:41 - 2019-09-18 07:43 - 000049128 ____C C:\Users\Jirka\Desktop\FRST.txt
2019-09-18 07:41 - 2019-09-18 07:41 - 001614848 ____C (Farbar) C:\Users\Jirka\Desktop\FRST64.exe
2019-09-18 07:41 - 2019-09-18 07:41 - 000000000 ____D C:\FRST
2019-09-17 20:11 - 2019-09-18 07:36 - 000000000 __SHD C:\Users\Jirka\IntelGraphicsProfiles
2019-09-17 20:11 - 2019-09-17 20:12 - 000000000 ___DC C:\Users\Jirka\AppData\Local\Intel
2019-09-17 20:11 - 2019-09-17 20:11 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2019-09-17 20:11 - 2019-09-17 20:11 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2019-09-15 22:48 - 2019-09-15 22:56 - 000000000 ____D C:\AdwCleaner
2019-09-15 22:48 - 2019-09-15 22:47 - 007622344 ____C (Malwarebytes) C:\Users\Jirka\Desktop\adwcleaner_7.4.1.exe
2019-09-15 10:32 - 2019-09-15 10:33 - 000000000 ____D C:\rsit
2019-09-15 10:32 - 2019-09-15 10:32 - 000000000 ____D C:\Program Files\trend micro
2019-09-15 10:32 - 2019-09-15 10:31 - 001222144 ____C C:\Users\Jirka\Desktop\RSITx64.exe
2019-09-15 10:24 - 2019-09-15 10:24 - 000000000 ____C C:\Users\Jirka\Desktop\Nový textový dokument.txt
2019-09-13 18:10 - 2019-09-13 18:10 - 000022463 ____C C:\Users\Jirka\AppData\Local\recently-used.xbel
2019-09-10 00:12 - 2019-09-10 00:12 - 000000000 ____D C:\ProgramData\LogiShrd
2019-09-09 23:57 - 2019-09-09 23:57 - 000000000 ___DC C:\Users\Jirka\AppData\Local\Logitech
2019-09-09 23:47 - 2019-09-09 23:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2019-09-09 23:46 - 2019-09-09 23:47 - 000000000 ____D C:\Program Files\Logitech Gaming Software
2019-09-09 23:35 - 2019-09-09 23:40 - 125871888 _____ (Logitech Inc.) C:\Users\Jirka\Downloads\LGS_9.02.65_x64_Logitech.exe
2019-09-09 23:33 - 2019-09-09 23:33 - 000000000 ___DC C:\Users\Jirka\AppData\Roaming\Logitech
2019-09-09 23:33 - 2019-09-09 23:33 - 000000000 ___DC C:\Users\Jirka\AppData\Roaming\Logishrd
2019-09-09 23:22 - 2019-09-11 00:07 - 000000394 ____C C:\Users\Jirka\Desktop\TODAYYY.txt
2019-09-09 23:17 - 2019-09-09 23:21 - 112859648 _____ (Logitech Inc.) C:\Users\Jirka\Downloads\LGS_9.00.42_x86_Logitech.exe
2019-09-09 10:01 - 2019-09-09 10:01 - 018021376 ____C C:\unp307627243652816194i-manual.mdmp
2019-09-09 10:01 - 2019-09-09 10:01 - 018019006 ____C C:\unp307627243649848135i-manual.mdmp
2019-09-09 10:01 - 2019-09-09 10:01 - 018000219 ____C C:\unp307627243641881064i-manual.mdmp
2019-09-09 10:01 - 2019-09-09 10:01 - 000363912 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-09-09 10:01 - 2019-09-09 10:01 - 000236024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-09-09 10:01 - 2019-09-09 10:01 - 000169408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-09-07 02:01 - 2019-09-07 02:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-09-06 00:31 - 2019-09-06 00:31 - 000000571 _____ C:\Users\Public\Desktop\World of Warcraft Classic.lnk
2019-09-05 14:18 - 2019-09-05 14:18 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-09-05 14:18 - 2019-09-05 14:18 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-09-05 14:18 - 2019-09-05 14:18 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-09-05 14:18 - 2019-09-05 14:18 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-09-04 13:37 - 2019-09-04 13:37 - 000951216 _____ C:\Users\Jirka\Downloads\brikstar_cz.pdf
2019-09-04 13:37 - 2019-09-04 13:37 - 000618696 _____ C:\Users\Jirka\Downloads\Lisy-na-kovy-2014_CZ.pdf
2019-09-03 18:55 - 2019-09-03 18:55 - 000141982 ____C C:\Users\Jirka\Downloads\Zeď _ Návrat do reality.html
2019-09-03 18:55 - 2019-09-03 18:55 - 000000000 ____D C:\Users\Jirka\Downloads\Zeď _ Návrat do reality_files
2019-08-31 14:51 - 2019-08-31 14:51 - 000002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-08-31 14:51 - 2019-08-31 14:51 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-08-31 14:51 - 2019-08-31 14:51 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-08-31 14:51 - 2019-08-31 14:51 - 000002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-08-31 14:51 - 2019-08-31 14:51 - 000002461 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-08-31 14:51 - 2019-08-31 14:51 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-08-31 14:51 - 2019-08-31 14:51 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-08-31 14:51 - 2019-08-31 14:51 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-08-31 14:51 - 2019-08-31 14:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-08-29 18:01 - 2019-08-29 18:02 - 000000000 ___HD C:\$WINDOWS.~BT
2019-08-23 17:02 - 2019-09-04 23:03 - 000000000 ___DC C:\Users\Jirka\AppData\Roaming\kicad
2019-08-23 16:42 - 2019-08-23 16:42 - 000000799 _____ C:\Users\Public\Desktop\FreeCAD 0.18.lnk
2019-08-23 16:42 - 2019-08-23 16:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCAD 0.18
2019-08-23 14:04 - 2019-08-23 14:04 - 005829478 _____ C:\Users\Jirka\Downloads\05 HIWIN katalog Polohovaci systemy-2017.pdf
2019-08-23 14:04 - 2019-08-23 14:04 - 000151360 _____ C:\Users\Jirka\Downloads\Katalogovy_list_LMG2A_CB6_CC8 (1).pdf
2019-08-23 14:04 - 2019-08-23 14:04 - 000000635 _____ C:\Users\Public\Desktop\KiCad.lnk
2019-08-23 14:04 - 2019-08-23 14:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KiCad
2019-08-23 08:26 - 2019-08-29 18:02 - 000000000 ____D C:\WINDOWS\Panther
2019-08-23 01:52 - 2019-08-23 02:08 - 1208015904 _____ (KiCad) C:\Users\Jirka\Downloads\kicad-5.1.4_1-x86_64.exe
2019-08-21 22:06 - 2019-08-21 22:06 - 000066008 _____ C:\Users\Jirka\Downloads\Záloha_křivky.cdr
2019-08-21 22:06 - 2019-08-21 22:06 - 000055823 _____ C:\Users\Jirka\Downloads\křivky.cdr
2019-08-21 20:56 - 2019-08-21 20:56 - 000001441 _____ C:\Users\Jirka\Downloads\67a7df339aa999e2bcfcfec88311abfc-761a7688fba3668a84b2dfe42a655a1b246ca193.zip
2019-08-19 03:02 - 2019-08-19 03:02 - 000000000 ___DC C:\Users\Jirka\Documents\Corel
2019-08-19 00:15 - 2019-08-19 00:15 - 000151360 _____ C:\Users\Jirka\Downloads\Katalogovy_list_LMG2A_CB6_CC8.pdf
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-09-18 07:37 - 2018-07-19 13:12 - 000000000 ___DC C:\Users\Jirka\AppData\Local\AVAST Software
2019-09-18 07:37 - 2018-05-18 19:32 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-09-18 07:36 - 2017-04-18 18:11 - 000000000 ___DC C:\Users\Jirka\AppData\LocalLow\Mozilla
2019-09-17 23:09 - 2018-05-18 19:28 - 000000000 ____D C:\Users\Jirka
2019-09-17 23:09 - 2018-05-18 19:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-09-17 23:09 - 2017-02-07 19:34 - 000000000 ____D C:\ProgramData\NVIDIA
2019-09-17 23:06 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-09-17 20:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-09-17 20:18 - 2018-05-18 19:36 - 001680254 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-09-17 20:18 - 2018-04-12 17:50 - 000712392 _____ C:\WINDOWS\system32\perfh005.dat
2019-09-17 20:18 - 2018-04-12 17:50 - 000143436 _____ C:\WINDOWS\system32\perfc005.dat
2019-09-17 20:18 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-09-17 20:11 - 2018-09-17 00:21 - 000000000 ____D C:\ProgramData\VMware
2019-09-17 20:11 - 2018-05-18 19:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-09-17 20:11 - 2017-02-08 21:05 - 000000000 ___DC C:\Intel
2019-09-17 20:11 - 2017-02-06 22:43 - 000000000 ____D C:\ProgramData\Intel
2019-09-17 20:11 - 2017-02-06 22:35 - 000000000 ____D C:\Program Files\Intel
2019-09-15 22:56 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-09-15 22:56 - 2017-12-14 17:17 - 000000000 ____D C:\ProgramData\Nero
2019-09-15 22:56 - 2017-02-06 22:04 - 000000000 ____D C:\Program Files (x86)\ASUS
2019-09-15 11:28 - 2018-05-18 19:26 - 001565520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-09-15 11:27 - 2018-06-27 02:47 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2019-09-15 11:27 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-09-15 11:27 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-09-15 11:27 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-09-15 11:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-09-15 11:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-09-15 11:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-09-15 11:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-09-15 11:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-09-15 11:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-09-15 11:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-09-15 11:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-09-15 11:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-09-15 11:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-09-15 11:27 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-09-15 11:21 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-09-15 10:14 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-09-13 18:45 - 2017-02-18 12:38 - 000000000 __RDC C:\Users\Jirka\Desktop\docs
2019-09-13 18:15 - 2019-04-03 12:17 - 000000000 ___DC C:\Users\Jirka\AppData\Local\babl-0.1
2019-09-13 18:10 - 2017-08-30 18:23 - 000000000 ___DC C:\Users\Jirka\AppData\Local\gtk-2.0
2019-09-12 23:54 - 2019-04-12 13:58 - 000003444 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1555070287
2019-09-12 23:54 - 2019-04-05 21:26 - 000002310 _____ C:\WINDOWS\System32\Tasks\Adobe Uninstaller
2019-09-12 23:54 - 2018-07-27 19:03 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-12 23:54 - 2018-07-27 19:03 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-12 23:54 - 2018-07-27 19:03 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-12 23:54 - 2018-05-18 19:32 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-09-12 23:54 - 2018-05-18 19:32 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-09-12 23:54 - 2018-05-18 19:32 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-12 23:54 - 2018-05-18 19:32 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-12 23:54 - 2018-05-18 19:32 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-12 23:54 - 2018-05-18 19:32 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-12 23:54 - 2018-05-18 19:32 - 000002712 _____ C:\WINDOWS\System32\Tasks\AutoPico Daily Restart
2019-09-12 23:54 - 2018-05-18 19:32 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-09-12 23:54 - 2018-05-18 19:32 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-09-12 23:50 - 2017-02-08 17:09 - 000000000 ___DC C:\Users\Jirka\AppData\Local\CrashDumps
2019-09-12 23:26 - 2018-05-18 20:43 - 000000000 ___DC C:\Users\Jirka\AppData\Local\D3DSCache
2019-09-12 01:13 - 2017-07-24 01:30 - 000000000 ___DC C:\Users\Jirka\AppData\Local\Battle.net
2019-09-12 00:43 - 2017-04-02 11:18 - 000000000 ____D C:\Program Files (x86)\Steam
2019-09-09 10:07 - 2018-01-27 19:40 - 000478096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-09-09 10:01 - 2019-02-20 21:11 - 000282768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-09-09 10:01 - 2019-01-14 16:45 - 000263008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-09-09 10:01 - 2019-01-08 20:45 - 000205848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-09-09 10:01 - 2019-01-08 20:45 - 000061472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-09-09 10:01 - 2019-01-08 20:45 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-09-09 10:01 - 2018-10-22 12:07 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-09-09 10:01 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-09-09 10:01 - 2018-01-27 19:40 - 001030784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-09-09 10:01 - 2018-01-27 19:40 - 000387176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-09-09 10:01 - 2018-01-27 19:40 - 000209552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-09-09 10:01 - 2018-01-27 19:40 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-09-09 10:01 - 2018-01-27 19:40 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-09-07 13:17 - 2017-06-13 17:41 - 000000000 ____D C:\Temp
2019-09-07 02:01 - 2017-04-10 15:22 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-09-06 17:42 - 2017-04-18 17:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-09-06 17:42 - 2017-04-18 17:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-09-06 11:31 - 2019-04-12 13:58 - 000000728 ____C C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-09-06 11:31 - 2017-04-18 17:43 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-09-06 01:52 - 2018-07-16 03:50 - 000000000 ___DC C:\Users\Jirka\AppData\Roaming\Stellarium
2019-09-02 23:51 - 2018-07-10 16:51 - 000000000 ___DC C:\Users\Jirka\Documents\StarCraft II
2019-09-02 20:19 - 2017-04-17 20:28 - 000000000 ___DC C:\Users\Jirka\AppData\Local\Blizzard Entertainment
2019-09-01 05:57 - 2018-05-23 13:27 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-09-01 05:57 - 2018-05-23 13:27 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-08-31 14:49 - 2017-02-14 18:53 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-08-30 17:49 - 2019-08-04 18:03 - 000212992 _____ C:\WINDOWS\system32\ClickToRun_Pipeline16
2019-08-30 17:17 - 2017-09-29 19:50 - 000000000 ____D C:\Program Files\rempl
2019-08-28 02:12 - 2017-12-21 21:24 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-28 01:18 - 2018-10-29 16:25 - 000000000 ___DC C:\Users\Jirka\Documents\The Witcher 3
2019-08-25 17:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-08-23 17:10 - 2019-08-18 21:55 - 000000000 ___DC C:\Users\Jirka\AppData\Roaming\Corel
2019-08-23 17:10 - 2019-08-18 21:44 - 000000000 ____D C:\ProgramData\Corel
2019-08-23 17:06 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-08-22 12:12 - 2017-04-10 15:22 - 000000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2019-08-22 12:12 - 2017-04-10 15:22 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2019-08-21 18:02 - 2018-05-18 19:32 - 000004000 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2019-08-21 18:02 - 2018-05-18 19:32 - 000003768 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
==================== Files in the root of some directories ================
2018-10-01 23:12 - 2018-10-01 23:12 - 000000000 ____C () C:\Users\Jirka\AppData\Local\oobelibMkey.log
2019-09-13 18:10 - 2019-09-13 18:10 - 000022463 ____C () C:\Users\Jirka\AppData\Local\recently-used.xbel
2017-12-22 23:49 - 2017-12-22 23:49 - 000007600 ____C () C:\Users\Jirka\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Re: prosím o preventivní kontrolu
Zapni obnovu systemu
- Stlac Win+R, napis "sysdm.cpl" (bez uvodzoviek) a stlac enter
- Klikni na kartu Ochrana systemu a potom na Konfigurovat
- Vyber moznost Zapnut ochranu systemu a klikni na OK
Otvor poznamkovy blok (Win+R -> notepad -> enter)
- Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
Kód: Vybrat vše
Start CloseProcesses: CreateRestorePoint: PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum CMD: type "C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\96wq1v98.default\user.js" Folder: C:\Users\Jirka\AppData\Roaming\Browsers ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 Task: {1A5E9B08-289D-49BE-B5B1-D1FB3468F82E} - System32\Tasks\Intel PTT EK Recertification Task: {33858A09-02DE-4D49-96D6-A9B2473A25BA} - System32\Tasks\AutoPico Daily Restart => F:\stazene [Argument = soubory\KMSpico 10.2.0 FINAL + Portable (Office and Windows 10 Activator) [TechTools]\Nová složka\AutoPico.exe /silent] Task: {364BC527-DD1C-41BF-8074-3FEB6BE04400} - System32\Tasks\{0DE4F31D-8F67-4EB9-8D23-CA87B7C5811A} Task: {614A83B3-5B3A-4008-9C64-75D4744B977E} - System32\Tasks\Update Manager Task: {6B2C74BC-2FF3-4C15-9CDB-F1B51244CD15} - System32\Tasks\{7A8E1286-645E-46AD-856C-FB1AC4DCE360} Task: {9A66194F-ED08-4810-8A06-6250CE972D35} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {EF3650BE-B09C-4EE3-B8E1-57B6BC04F879} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - No File FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File] FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File] FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File] S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X] S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X] 2019-09-15 10:32 - 2019-09-15 10:33 - 000000000 ____D C:\rsit 2019-09-15 10:32 - 2019-09-15 10:32 - 000000000 ____D C:\Program Files\trend micro 2019-09-15 10:32 - 2019-09-15 10:31 - 001222144 ____C C:\Users\Jirka\Desktop\RSITx64.exe CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{0997411D-6B5A-4656-962D-49B2F51DAA3D}\InprocServer32 -> E:\Xara web designer\Filters\ENG\TIFFImport.dll => No File CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{171740BB-DE5D-4A3B-A5DD-43D171192819}\InprocServer32 -> E:\Xara web designer\Filters\ENG\RTFfilter.dll => No File CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{34F47C85-7AD2-4584-8C2C-8E3C90CD7DEE}\InprocServer32 -> E:\Xara web designer\Filters\ENG\PSDFilter.dll => No File CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{3E2079FE-4DB5-4914-B9A0-FBBDA87890C0}\InprocServer32 -> E:\Xara web designer\Filters\ENG\ODPImport.dll => No File CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{4954639E-4AD5-4232-9FC6-753ED3E19DE1}\InprocServer32 -> E:\Xara web designer\Filters\ENG\PPImport.dll => No File CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{96379E3B-23DA-4F75-A23A-DBCF805CC406}\InprocServer32 -> E:\Xara web designer\Filters\ENG\DocImport\DocImport.dll => No File CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{C2A30267-3451-441F-93AD-8C8399CB426B}\InprocServer32 -> E:\Xara web designer\Filters\ENG\HTMLfilter.dll => No File CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{CB58FF31-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> "E:\Xara web designer\WebDesigner.exe" => No File CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{CB58FF32-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> "E:\Xara web designer\WebDesigner.exe" => No File CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{CCC4FDE7-EE88-454F-9B6E-60FD6B562289}\InprocServer32 -> E:\Xara web designer\Filters\ENG\RAWImport\RAWImport.dll => No File CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{E44A4F31-0C8B-42C2-A2A4-E743A0395B5F}\InprocServer32 -> E:\Xara web designer\Filters\ENG\PDFImport\PDFImport.dll => No File CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{E99245A1-DE06-4770-8208-B0494C933C65}\InprocServer32 -> E:\Xara web designer\Filters\ENG\SVGFilter.dll => No File CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{EDC4A498-53B4-496C-A750-3AABCD48A6A3}\InprocServer32 -> E:\Xara web designer\Filters\ENG\EMFFilter.dll => No File ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> No File ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => -> No File ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File Shortcut: C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnet Eхрlоrеr.lnk -> C:\Users\Jirka\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <==== Cyrillic Shortcut: C:\Users\Jirka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Мozillа Firefoх.lnk -> C:\Users\Jirka\AppData\Roaming\Browsers\exe.xoferif.bat (No File) <==== Cyrillic AlternateDataStreams: C:\Users\Jirka\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394] AlternateDataStreams: C:\Users\Jirka\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394] AlternateDataStreams: C:\Users\Public\AppData:CSM [474] C:\Users\Jirka\AppData\Roaming\Browsers DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 Hosts: EmptyTemp: End - Klikni na Subor a potom na Ulozit
- Vpravo dole vyber kodovanie Unicode
- Subor uloz na plochu s nazvom fixlist.txt
- Spusti znovu FRST a klikni na Fix
- Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
- Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
palandinin
- Návštěvník
- Příspěvky: 9
- Registrován: 15 zář 2019 09:27
Re: prosím o preventivní kontrolu
nejde to zapnout. Ta pološka je šedá a nejde na to kliknou
Re: prosím o preventivní kontrolu
Mas na mysli tu obnovu systemu? Vies poslat screenshot?
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
palandinin
- Návštěvník
- Příspěvky: 9
- Registrován: 15 zář 2019 09:27
Re: prosím o preventivní kontrolu
V tom zozname diskov je potrebne vybrat systemovy oddiel (C:)
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
palandinin
- Návštěvník
- Příspěvky: 9
- Registrován: 15 zář 2019 09:27
Re: prosím o preventivní kontrolu
Fix result of Farbar Recovery Scan Tool (x64) Version: 18-09-2019 01
Ran by Jirka (18-09-2019 23:15:28) Run:1
Running from C:\Users\Jirka\Desktop
Loaded Profiles: Jirka (Available Profiles: Jirka)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
CMD: type "C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\96wq1v98.default\user.js"
Folder: C:\Users\Jirka\AppData\Roaming\Browsers
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1
Task: {1A5E9B08-289D-49BE-B5B1-D1FB3468F82E} - System32\Tasks\Intel PTT EK Recertification
Task: {33858A09-02DE-4D49-96D6-A9B2473A25BA} - System32\Tasks\AutoPico Daily Restart => F:\stazene [Argument = soubory\KMSpico 10.2.0 FINAL + Portable (Office and Windows 10 Activator) [TechTools]\Nová složka\AutoPico.exe /silent]
Task: {364BC527-DD1C-41BF-8074-3FEB6BE04400} - System32\Tasks\{0DE4F31D-8F67-4EB9-8D23-CA87B7C5811A}
Task: {614A83B3-5B3A-4008-9C64-75D4744B977E} - System32\Tasks\Update Manager
Task: {6B2C74BC-2FF3-4C15-9CDB-F1B51244CD15} - System32\Tasks\{7A8E1286-645E-46AD-856C-FB1AC4DCE360}
Task: {9A66194F-ED08-4810-8A06-6250CE972D35} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {EF3650BE-B09C-4EE3-B8E1-57B6BC04F879} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - No File
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X]
2019-09-15 10:32 - 2019-09-15 10:33 - 000000000 ____D C:\rsit
2019-09-15 10:32 - 2019-09-15 10:32 - 000000000 ____D C:\Program Files\trend micro
2019-09-15 10:32 - 2019-09-15 10:31 - 001222144 ____C C:\Users\Jirka\Desktop\RSITx64.exe
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{0997411D-6B5A-4656-962D-49B2F51DAA3D}\InprocServer32 -> E:\Xara web designer\Filters\ENG\TIFFImport.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{171740BB-DE5D-4A3B-A5DD-43D171192819}\InprocServer32 -> E:\Xara web designer\Filters\ENG\RTFfilter.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{34F47C85-7AD2-4584-8C2C-8E3C90CD7DEE}\InprocServer32 -> E:\Xara web designer\Filters\ENG\PSDFilter.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{3E2079FE-4DB5-4914-B9A0-FBBDA87890C0}\InprocServer32 -> E:\Xara web designer\Filters\ENG\ODPImport.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{4954639E-4AD5-4232-9FC6-753ED3E19DE1}\InprocServer32 -> E:\Xara web designer\Filters\ENG\PPImport.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{96379E3B-23DA-4F75-A23A-DBCF805CC406}\InprocServer32 -> E:\Xara web designer\Filters\ENG\DocImport\DocImport.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{C2A30267-3451-441F-93AD-8C8399CB426B}\InprocServer32 -> E:\Xara web designer\Filters\ENG\HTMLfilter.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{CB58FF31-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> "E:\Xara web designer\WebDesigner.exe" => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{CB58FF32-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> "E:\Xara web designer\WebDesigner.exe" => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{CCC4FDE7-EE88-454F-9B6E-60FD6B562289}\InprocServer32 -> E:\Xara web designer\Filters\ENG\RAWImport\RAWImport.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{E44A4F31-0C8B-42C2-A2A4-E743A0395B5F}\InprocServer32 -> E:\Xara web designer\Filters\ENG\PDFImport\PDFImport.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{E99245A1-DE06-4770-8208-B0494C933C65}\InprocServer32 -> E:\Xara web designer\Filters\ENG\SVGFilter.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{EDC4A498-53B4-496C-A750-3AABCD48A6A3}\InprocServer32 -> E:\Xara web designer\Filters\ENG\EMFFilter.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
Shortcut: C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnet Eхрlоrеr.lnk -> C:\Users\Jirka\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <==== Cyrillic
Shortcut: C:\Users\Jirka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Мozillа Firefoх.lnk -> C:\Users\Jirka\AppData\Roaming\Browsers\exe.xoferif.bat (No File) <==== Cyrillic
AlternateDataStreams: C:\Users\Jirka\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Jirka\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Public\AppData:CSM [474]
C:\Users\Jirka\AppData\Roaming\Browsers
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Count : 2675
Average :
Sum : 601761125
Maximum :
Minimum :
Property : Length
========= End of Powershell: =========
========= type "C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\96wq1v98.default\user.js" =========
user_pref("extensions.blocklist.detailsURL", "");
user_pref("extensions.blocklist.enabled", false);
user_pref("extensions.blocklist.interval", 86400);
user_pref("extensions.blocklist.itemURL", "");
user_pref("extensions.blocklist.url", "");
========= End of CMD: =========
========================= Folder: C:\Users\Jirka\AppData\Roaming\Browsers ========================
not found.
====== End of Folder: ======
================== ExportKey: ===================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1]
"Inno Setup: Setup Version"="5.5.5 (a)"
"Inno Setup: App Path"="C:\Program Files\KMSpico"
"InstallLocation"="C:\Program Files\KMSpico\"
"Inno Setup: Icon Group"="KMSpico"
"Inno Setup: User"="Jirka"
"Inno Setup: Language"="default"
"DisplayName"="KMSpico"
"DisplayIcon"="C:\Program Files\KMSpico\KMSELDI.exe"
"UninstallString"=""C:\Program Files\KMSpico\unins000.exe""
"QuietUninstallString"=""C:\Program Files\KMSpico\unins000.exe" /SILENT"
"ModifyPath"=""C:\Program Files\KMSpico\UninsHs.exe" /m0=AppId"
"NoRepair"="1"
"InstallDate"="20180123"
"EstimatedSize"="21139"
"sEstimatedSize2"="16105"
=== End of ExportKey ===
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1A5E9B08-289D-49BE-B5B1-D1FB3468F82E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A5E9B08-289D-49BE-B5B1-D1FB3468F82E}" => removed successfully
C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Intel PTT EK Recertification" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{33858A09-02DE-4D49-96D6-A9B2473A25BA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33858A09-02DE-4D49-96D6-A9B2473A25BA}" => removed successfully
C:\WINDOWS\System32\Tasks\AutoPico Daily Restart => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{364BC527-DD1C-41BF-8074-3FEB6BE04400}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{364BC527-DD1C-41BF-8074-3FEB6BE04400}" => removed successfully
C:\WINDOWS\System32\Tasks\{0DE4F31D-8F67-4EB9-8D23-CA87B7C5811A} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0DE4F31D-8F67-4EB9-8D23-CA87B7C5811A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{614A83B3-5B3A-4008-9C64-75D4744B977E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{614A83B3-5B3A-4008-9C64-75D4744B977E}" => removed successfully
C:\WINDOWS\System32\Tasks\Update Manager => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Manager" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B2C74BC-2FF3-4C15-9CDB-F1B51244CD15}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B2C74BC-2FF3-4C15-9CDB-F1B51244CD15}" => removed successfully
C:\WINDOWS\System32\Tasks\{7A8E1286-645E-46AD-856C-FB1AC4DCE360} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7A8E1286-645E-46AD-856C-FB1AC4DCE360}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A66194F-ED08-4810-8A06-6250CE972D35}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A66194F-ED08-4810-8A06-6250CE972D35}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF3650BE-B09C-4EE3-B8E1-57B6BC04F879}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF3650BE-B09C-4EE3-B8E1-57B6BC04F879}" => removed successfully
C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\Software\Classes\PROTOCOLS\Handler\wlpg => removed successfully
HKLM\Software\Classes\CLSID\{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} => not found
HKLM\Software\MozillaPlugins\wacom.com/WacomTabletPlugin => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin => removed successfully
HKLM\System\CurrentControlSet\Services\nvvad_WaveExtensible => removed successfully
nvvad_WaveExtensible => service removed successfully
HKLM\System\CurrentControlSet\Services\nvvhci => removed successfully
nvvhci => service removed successfully
C:\rsit => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\Jirka\Desktop\RSITx64.exe => moved successfully
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{0997411D-6B5A-4656-962D-49B2F51DAA3D} => removed successfully
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{171740BB-DE5D-4A3B-A5DD-43D171192819} => removed successfully
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{34F47C85-7AD2-4584-8C2C-8E3C90CD7DEE} => removed successfully
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{3E2079FE-4DB5-4914-B9A0-FBBDA87890C0} => removed successfully
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{4954639E-4AD5-4232-9FC6-753ED3E19DE1} => removed successfully
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{96379E3B-23DA-4F75-A23A-DBCF805CC406} => removed successfully
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{C2A30267-3451-441F-93AD-8C8399CB426B} => removed successfully
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{CB58FF31-2539-11D0-BDEE-0020AFE14B84} => removed successfully
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{CB58FF32-2539-11D0-BDEE-0020AFE14B84} => removed successfully
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{CCC4FDE7-EE88-454F-9B6E-60FD6B562289} => removed successfully
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{E44A4F31-0C8B-42C2-A2A4-E743A0395B5F} => removed successfully
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{E99245A1-DE06-4770-8208-B0494C933C65} => removed successfully
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{EDC4A498-53B4-496C-A750-3AABCD48A6A3} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_B => removed successfully
HKLM\Software\Classes\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7191} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_O => removed successfully
HKLM\Software\Classes\CLSID\{64174815-8D98-4CE6-8646-4C039977D809} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_U => removed successfully
HKLM\Software\Classes\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKU\\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKU\\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKU\\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnet Eхрlоrеr.lnk => moved successfully
C:\Users\Jirka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Мozillа Firefoх.lnk => moved successfully
C:\Users\Jirka\Data aplikací => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully
"C:\Users\Jirka\AppData\Roaming" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.
C:\Users\Public\AppData => ":CSM" ADS removed successfully
"C:\Users\Jirka\AppData\Roaming\Browsers" => not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 281703396 B
Java, Flash, Steam htmlcache => 128294616 B
Windows/system/drivers => 25515838 B
Edge => 1339702 B
Chrome => 175036 B
Firefox => 43806572 B
Opera => 51621630 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 64044 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Jirka => 123541351 B
RecycleBin => 0 B
EmptyTemp: => 635.9 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 23:20:13 ====
Ran by Jirka (18-09-2019 23:15:28) Run:1
Running from C:\Users\Jirka\Desktop
Loaded Profiles: Jirka (Available Profiles: Jirka)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
CMD: type "C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\96wq1v98.default\user.js"
Folder: C:\Users\Jirka\AppData\Roaming\Browsers
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1
Task: {1A5E9B08-289D-49BE-B5B1-D1FB3468F82E} - System32\Tasks\Intel PTT EK Recertification
Task: {33858A09-02DE-4D49-96D6-A9B2473A25BA} - System32\Tasks\AutoPico Daily Restart => F:\stazene [Argument = soubory\KMSpico 10.2.0 FINAL + Portable (Office and Windows 10 Activator) [TechTools]\Nová složka\AutoPico.exe /silent]
Task: {364BC527-DD1C-41BF-8074-3FEB6BE04400} - System32\Tasks\{0DE4F31D-8F67-4EB9-8D23-CA87B7C5811A}
Task: {614A83B3-5B3A-4008-9C64-75D4744B977E} - System32\Tasks\Update Manager
Task: {6B2C74BC-2FF3-4C15-9CDB-F1B51244CD15} - System32\Tasks\{7A8E1286-645E-46AD-856C-FB1AC4DCE360}
Task: {9A66194F-ED08-4810-8A06-6250CE972D35} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {EF3650BE-B09C-4EE3-B8E1-57B6BC04F879} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - No File
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X]
2019-09-15 10:32 - 2019-09-15 10:33 - 000000000 ____D C:\rsit
2019-09-15 10:32 - 2019-09-15 10:32 - 000000000 ____D C:\Program Files\trend micro
2019-09-15 10:32 - 2019-09-15 10:31 - 001222144 ____C C:\Users\Jirka\Desktop\RSITx64.exe
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{0997411D-6B5A-4656-962D-49B2F51DAA3D}\InprocServer32 -> E:\Xara web designer\Filters\ENG\TIFFImport.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{171740BB-DE5D-4A3B-A5DD-43D171192819}\InprocServer32 -> E:\Xara web designer\Filters\ENG\RTFfilter.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{34F47C85-7AD2-4584-8C2C-8E3C90CD7DEE}\InprocServer32 -> E:\Xara web designer\Filters\ENG\PSDFilter.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{3E2079FE-4DB5-4914-B9A0-FBBDA87890C0}\InprocServer32 -> E:\Xara web designer\Filters\ENG\ODPImport.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{4954639E-4AD5-4232-9FC6-753ED3E19DE1}\InprocServer32 -> E:\Xara web designer\Filters\ENG\PPImport.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{96379E3B-23DA-4F75-A23A-DBCF805CC406}\InprocServer32 -> E:\Xara web designer\Filters\ENG\DocImport\DocImport.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{C2A30267-3451-441F-93AD-8C8399CB426B}\InprocServer32 -> E:\Xara web designer\Filters\ENG\HTMLfilter.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{CB58FF31-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> "E:\Xara web designer\WebDesigner.exe" => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{CB58FF32-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> "E:\Xara web designer\WebDesigner.exe" => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{CCC4FDE7-EE88-454F-9B6E-60FD6B562289}\InprocServer32 -> E:\Xara web designer\Filters\ENG\RAWImport\RAWImport.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{E44A4F31-0C8B-42C2-A2A4-E743A0395B5F}\InprocServer32 -> E:\Xara web designer\Filters\ENG\PDFImport\PDFImport.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{E99245A1-DE06-4770-8208-B0494C933C65}\InprocServer32 -> E:\Xara web designer\Filters\ENG\SVGFilter.dll => No File
CustomCLSID: HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{EDC4A498-53B4-496C-A750-3AABCD48A6A3}\InprocServer32 -> E:\Xara web designer\Filters\ENG\EMFFilter.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
Shortcut: C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnet Eхрlоrеr.lnk -> C:\Users\Jirka\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <==== Cyrillic
Shortcut: C:\Users\Jirka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Мozillа Firefoх.lnk -> C:\Users\Jirka\AppData\Roaming\Browsers\exe.xoferif.bat (No File) <==== Cyrillic
AlternateDataStreams: C:\Users\Jirka\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Jirka\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Public\AppData:CSM [474]
C:\Users\Jirka\AppData\Roaming\Browsers
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Count : 2675
Average :
Sum : 601761125
Maximum :
Minimum :
Property : Length
========= End of Powershell: =========
========= type "C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\96wq1v98.default\user.js" =========
user_pref("extensions.blocklist.detailsURL", "");
user_pref("extensions.blocklist.enabled", false);
user_pref("extensions.blocklist.interval", 86400);
user_pref("extensions.blocklist.itemURL", "");
user_pref("extensions.blocklist.url", "");
========= End of CMD: =========
========================= Folder: C:\Users\Jirka\AppData\Roaming\Browsers ========================
not found.
====== End of Folder: ======
================== ExportKey: ===================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1]
"Inno Setup: Setup Version"="5.5.5 (a)"
"Inno Setup: App Path"="C:\Program Files\KMSpico"
"InstallLocation"="C:\Program Files\KMSpico\"
"Inno Setup: Icon Group"="KMSpico"
"Inno Setup: User"="Jirka"
"Inno Setup: Language"="default"
"DisplayName"="KMSpico"
"DisplayIcon"="C:\Program Files\KMSpico\KMSELDI.exe"
"UninstallString"=""C:\Program Files\KMSpico\unins000.exe""
"QuietUninstallString"=""C:\Program Files\KMSpico\unins000.exe" /SILENT"
"ModifyPath"=""C:\Program Files\KMSpico\UninsHs.exe" /m0=AppId"
"NoRepair"="1"
"InstallDate"="20180123"
"EstimatedSize"="21139"
"sEstimatedSize2"="16105"
=== End of ExportKey ===
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1A5E9B08-289D-49BE-B5B1-D1FB3468F82E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A5E9B08-289D-49BE-B5B1-D1FB3468F82E}" => removed successfully
C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Intel PTT EK Recertification" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{33858A09-02DE-4D49-96D6-A9B2473A25BA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33858A09-02DE-4D49-96D6-A9B2473A25BA}" => removed successfully
C:\WINDOWS\System32\Tasks\AutoPico Daily Restart => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{364BC527-DD1C-41BF-8074-3FEB6BE04400}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{364BC527-DD1C-41BF-8074-3FEB6BE04400}" => removed successfully
C:\WINDOWS\System32\Tasks\{0DE4F31D-8F67-4EB9-8D23-CA87B7C5811A} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0DE4F31D-8F67-4EB9-8D23-CA87B7C5811A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{614A83B3-5B3A-4008-9C64-75D4744B977E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{614A83B3-5B3A-4008-9C64-75D4744B977E}" => removed successfully
C:\WINDOWS\System32\Tasks\Update Manager => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Manager" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B2C74BC-2FF3-4C15-9CDB-F1B51244CD15}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B2C74BC-2FF3-4C15-9CDB-F1B51244CD15}" => removed successfully
C:\WINDOWS\System32\Tasks\{7A8E1286-645E-46AD-856C-FB1AC4DCE360} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7A8E1286-645E-46AD-856C-FB1AC4DCE360}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A66194F-ED08-4810-8A06-6250CE972D35}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A66194F-ED08-4810-8A06-6250CE972D35}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF3650BE-B09C-4EE3-B8E1-57B6BC04F879}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF3650BE-B09C-4EE3-B8E1-57B6BC04F879}" => removed successfully
C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\Software\Classes\PROTOCOLS\Handler\wlpg => removed successfully
HKLM\Software\Classes\CLSID\{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} => not found
HKLM\Software\MozillaPlugins\wacom.com/WacomTabletPlugin => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin => removed successfully
HKLM\System\CurrentControlSet\Services\nvvad_WaveExtensible => removed successfully
nvvad_WaveExtensible => service removed successfully
HKLM\System\CurrentControlSet\Services\nvvhci => removed successfully
nvvhci => service removed successfully
C:\rsit => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\Jirka\Desktop\RSITx64.exe => moved successfully
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{0997411D-6B5A-4656-962D-49B2F51DAA3D} => removed successfully
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{171740BB-DE5D-4A3B-A5DD-43D171192819} => removed successfully
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{34F47C85-7AD2-4584-8C2C-8E3C90CD7DEE} => removed successfully
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{3E2079FE-4DB5-4914-B9A0-FBBDA87890C0} => removed successfully
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{4954639E-4AD5-4232-9FC6-753ED3E19DE1} => removed successfully
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{96379E3B-23DA-4F75-A23A-DBCF805CC406} => removed successfully
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{C2A30267-3451-441F-93AD-8C8399CB426B} => removed successfully
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{CB58FF31-2539-11D0-BDEE-0020AFE14B84} => removed successfully
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{CB58FF32-2539-11D0-BDEE-0020AFE14B84} => removed successfully
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{CCC4FDE7-EE88-454F-9B6E-60FD6B562289} => removed successfully
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{E44A4F31-0C8B-42C2-A2A4-E743A0395B5F} => removed successfully
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{E99245A1-DE06-4770-8208-B0494C933C65} => removed successfully
HKU\S-1-5-21-2116198513-1858420317-1968113610-1001_Classes\CLSID\{EDC4A498-53B4-496C-A750-3AABCD48A6A3} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_B => removed successfully
HKLM\Software\Classes\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7191} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_O => removed successfully
HKLM\Software\Classes\CLSID\{64174815-8D98-4CE6-8646-4C039977D809} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_U => removed successfully
HKLM\Software\Classes\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKU\\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKU\\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKU\\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnet Eхрlоrеr.lnk => moved successfully
C:\Users\Jirka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Мozillа Firefoх.lnk => moved successfully
C:\Users\Jirka\Data aplikací => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully
"C:\Users\Jirka\AppData\Roaming" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.
C:\Users\Public\AppData => ":CSM" ADS removed successfully
"C:\Users\Jirka\AppData\Roaming\Browsers" => not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 281703396 B
Java, Flash, Steam htmlcache => 128294616 B
Windows/system/drivers => 25515838 B
Edge => 1339702 B
Chrome => 175036 B
Firefox => 43806572 B
Opera => 51621630 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 64044 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Jirka => 123541351 B
RecycleBin => 0 B
EmptyTemp: => 635.9 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 23:20:13 ====
Re: prosím o preventivní kontrolu
Ako to vyzera s PC? Su nejake problemy? Logy vyzeraju OK. Odporucam aktualizovat Windows (Nastavenia -> Aktualizacia a zabezpecenie - Vyhladat aktualizacie).
Naposledy upravil(a) Conder dne 20 zář 2019 19:24, celkem upraveno 1 x.
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Přispějete na provoz fóra?