Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o preventivní kontrolu, děkuji.

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
pcsolim
Návštěvník
Návštěvník
Příspěvky: 12
Registrován: 28 led 2019 13:23

Prosím o preventivní kontrolu, děkuji.

#1 Příspěvek od pcsolim »

FRST.rar
(9.44 KiB) Staženo 86 x

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o preventivní kontrolu, děkuji.

#2 Příspěvek od Diallix »

Dobry den.

:arrow: Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, klikni na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

pcsolim
Návštěvník
Návštěvník
Příspěvky: 12
Registrován: 28 led 2019 13:23

Re: Prosím o preventivní kontrolu, děkuji.

#3 Příspěvek od pcsolim »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-25.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-28-2019
# Duration: 00:00:08
# OS: Windows 10 Pro
# Cleaned: 76
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\MM\AppData\Roaming\GoforFiles
Deleted C:\ProgramData\ICQ\ICQNewTab
Deleted C:\ProgramData\ytd video downloader
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Deleted C:\Users\MM\AppData\Roaming\0U1E1Q1T2Z1P0S2Z1T1C
Deleted C:\Program Files\GreenTree Applications
Deleted C:\Program Files\Common Files\DVDVideoSoft\TB
Deleted C:\ProgramData\SuperEasy Software
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperEasy Software
Deleted C:\Program Files\SuperEasy Software
Deleted C:\Program Files\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Classes\pokki
Deleted HKCU\Software\drpsu
Deleted HKCU\Software\SuperEasy Software
Deleted HKLM\Software\SuperEasy Software
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Deleted HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Deleted HKLM\Software\Classes\CLSID\{528B5866-2BA6-42CE-8F74-39FB23B49767}
Deleted HKLM\Software\Classes\Interface\{FBB92627-0DAA-4B69-97CC-9879236FE039}
Deleted HKLM\Software\Classes\Interface\{E9ECFFF9-2011-439F-92EB-BE145ACD87DA}
Deleted HKLM\Software\Classes\Interface\{E515494B-7548-462A-B7E7-A3E6F8C4899C}
Deleted HKLM\Software\Classes\Interface\{DF51AD29-5239-441A-B921-E655C8162060}
Deleted HKLM\Software\Classes\Interface\{D325B617-D6F9-4C72-90B2-A38E6D15C16E}
Deleted HKLM\Software\Classes\Interface\{CC5B7648-AAF8-4642-B53D-B7B5E4AE7241}
Deleted HKLM\Software\Classes\Interface\{C0233F6C-3110-4AEA-A798-C81DA43CED9E}
Deleted HKLM\Software\Classes\Interface\{BE952BDF-6FDF-4A62-B318-E15D4487A2EF}
Deleted HKLM\Software\Classes\Interface\{B8E64931-27EF-42BC-AF3B-0E2B25D17567}
Deleted HKLM\Software\Classes\Interface\{B3D38AE9-C808-4811-8417-F114839D6392}
Deleted HKLM\Software\Classes\Interface\{B1285825-F24F-4651-9F8A-2012460AD2FC}
Deleted HKLM\Software\Classes\Interface\{A6670033-7A4B-4F59-B8A9-A7CEBF3CE960}
Deleted HKLM\Software\Classes\Interface\{9BAC5A3B-33FD-4DB9-A4F1-B749498D4017}
Deleted HKLM\Software\Classes\Interface\{9B4E4BF6-9346-4969-8428-C3CB81CD7A30}
Deleted HKLM\Software\Classes\Interface\{821ED2B3-866E-4177-870E-52D995D123D0}
Deleted HKLM\Software\Classes\Interface\{80995911-5CF2-483F-A260-C736E8D0C691}
Deleted HKLM\Software\Classes\Interface\{753C5ED0-B9AB-4F1E-8DAC-668E701CA569}
Deleted HKLM\Software\Classes\Interface\{469960F8-8172-4386-BBB1-DF3590027D58}
Deleted HKLM\Software\Classes\Interface\{2BA83048-8B7C-4186-843B-D97FC1A6AE95}
Deleted HKLM\Software\Classes\Interface\{1644E2E1-E15E-4E9E-9B25-5668536DD6A7}
Deleted HKLM\Software\Classes\Interface\{0E8990F4-2FC9-403C-883B-535D6271E740}
Deleted HKLM\Software\Classes\Interface\{066D89E6-B457-4A57-888A-B0AEB11D5BF1}
Deleted HKLM\Software\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
Deleted HKLM\Software\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Deleted HKLM\Software\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Deleted HKLM\Software\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Deleted HKLM\Software\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Deleted HKLM\Software\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Deleted HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Deleted HKLM\Software\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Deleted HKLM\Software\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Deleted HKLM\Software\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Deleted HKLM\Software\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Deleted HKLM\Software\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Deleted HKLM\Software\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Deleted HKLM\Software\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Deleted HKLM\Software\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Deleted HKLM\Software\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|ICQ Search
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.slunecnice.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\slunecnice.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{c2b8e594-d284-ef0b-2c66-48a9c98914bc}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A474C13C-4057-4FF7-8A1B-4B67CD52B1B8}
Deleted HKCU\Software\AppDataLow\Software\Mail.Ru
Deleted HKCU\Software\Mail.Ru
Deleted HKCU\Software\Norassie
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|seznam-listicka-distribuce
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\torrent-harvester.en.softonic.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\softonic.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\en.softonic.com
Deleted HKCU\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2}
Deleted HKLM\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [8653 octets] - [28/01/2019 14:39:02]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o preventivní kontrolu, děkuji.

#4 Příspěvek od Diallix »

Preskenujte pocitac s FRST - navod tu: https://forum.viry.cz/viewtopic.php?f=24&t=132509, skopirujte FRST.log + Addition log sem.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

pcsolim
Návštěvník
Návštěvník
Příspěvky: 12
Registrován: 28 led 2019 13:23

Re: Prosím o preventivní kontrolu, děkuji.

#5 Příspěvek od pcsolim »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-01-2019
Ran by MM (administrator) on MM-PC (28-01-2019 14:55:18)
Running from C:\Users\MM\Desktop
Loaded Profiles: MM (Available Profiles: MM & DefaultAppPool)
Platform: Microsoft Windows 10 Pro Version 1803 17134.556 (X86) Language: Čeština (Česko)
Default browser: IE
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cheetah Mobile,Inc.) C:\Program Files\cmcm\Clean Master\cmcore.exe
(ABBYY (BIT Software)) C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
(IObit) C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
() C:\Program Files\Common Files\Appkeys\yytool.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CobianSoft, Luis Cobian) C:\Program Files\Cobian Backup 11\cbVSCService11.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Digital Wave Ltd.) C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\Synology\Assistant\UsbClientService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1901.7-0\MsMpEng.exe
(IObit) C:\Program Files\IObit\iFreeUp\iFreeUpMini.exe
(Cheetah Mobile,Inc.) C:\Program Files\cmcm\Clean Master\cmtray.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1901.7-0\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
(Corel) C:\Program Files\Common Files\Corel\Standby\Standby.exe
(Luis Cobian, CobianSoft) C:\Program Files\Cobian Backup 11\Cobian.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Luis Cobian, CobianSoft) C:\Program Files\Cobian Backup 11\cbInterface.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Olympus Corporation) C:\Program Files\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe
(Dropbox, Inc.) C:\Users\MM\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Dropbox, Inc.) C:\Users\MM\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\MM\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\MM\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(The Qt Company Ltd.) C:\Users\MM\AppData\Roaming\Dropbox\bin\QtWebEngineProcess.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [486816 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11738184 2013-02-05] (Realtek Semiconductor)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2018-06-23] (Apple Inc.)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [OpwareSE4] => C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [79400 2007-02-04] (Nuance Communications, Inc.)
HKLM\...\Run: [Standby] => c:\Program Files\Common Files\Corel\Standby\Standby.exe [105632 2010-05-17] (Corel)
HKLM\...\Run: [OV3_Monitor] => C:\Program Files\OLYMPUS\OLYMPUS Viewer 3\FirstStart.exe [40400 2018-06-18] (Olympus Corporation)
HKLM\...\Run: [Cobian Backup 11] => C:\Program Files\Cobian Backup 11\Cobian.exe [720896 2012-12-05] (Luis Cobian, CobianSoft)
HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [262456 2018-07-06] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM\...\Run: [cmsc] => c:\program files\cmcm\Clean Master\cmtray.exe [1607280 2018-12-04] (Cheetah Mobile,Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\Run: [OV3_Monitor] => C:\Program Files\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe [415696 2018-06-18] (Olympus Corporation)
HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\Run: [Dropbox Update] => C:\Users\MM\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\Run: [GarminExpress] => C:\Program Files\Garmin\Express\express.exe [30886976 2019-01-14] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-01-10] (Piriform Software Ltd)
HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\Run: [FastVD] => C:\Program Files\FastPcTools\Fast VD\FastVD.exe [1636040 2019-01-22] (FastPcTools)
HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [GarminExpress] => C:\Program Files\Garmin\Express\express.exe [30886976 2019-01-14] (Garmin Ltd. or its subsidiaries)
HKLM\...\Drivers32: [vidc.ffds] => C:\WINDOWS\system32\ff_vfw.dll [112640 2013-03-13] ()
HKLM\...\Drivers32: [msacm.avis] => C:\WINDOWS\system32\ff_acm.acm [47616 2013-03-13] ()
HKLM\...\Drivers32: [msacm.aacacm] => C:\WINDOWS\system32\AACACM.acm [294912 2012-07-21] (fccHandler)
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [122880 2012-07-21] (fccHandler)
HKLM\...\Drivers32: [VIDC.CSCD] => C:\WINDOWS\system32\CamCodec.dll [49664 2010-10-24] (CamStudio Group)
HKLM\...\Drivers32: [VIDC.CFHD] => C:\WINDOWS\system32\CFHD.dll [1208320 2007-08-12] (CineForm Inc.)
HKLM\...\Drivers32: [msacm.lameacm] => C:\WINDOWS\system32\LameACM.acm [756224 2012-02-28] (hxxp://www.mp3dev.org/)
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] ( )
HKLM\...\Drivers32: [VIDC.MLCY] => C:\WINDOWS\system32\mlc.dll [155648 2012-05-21] ()
HKLM\...\Drivers32: [VIDC.ULRA] => C:\Windows\system32\utv_vcm.dll [69632 2013-01-13] ()
HKLM\...\Drivers32: [VIDC.ULRG] => C:\Windows\system32\utv_vcm.dll [69632 2013-01-13] ()
HKLM\...\Drivers32: [VIDC.ULY0] => C:\Windows\system32\utv_vcm.dll [69632 2013-01-13] ()
HKLM\...\Drivers32: [VIDC.ULY2] => C:\Windows\system32\utv_vcm.dll [69632 2013-01-13] ()
HKLM\...\Drivers32: [vidc.x264] => C:\Program Files\x264vfw\x264vfw.dll [4283392 2013-02-27] ()
HKLM\...\Drivers32: [vidc.XVID] => C:\WINDOWS\system32\xvidvfw.dll [243200 2012-08-29] ()
HKLM\...\Drivers32: [VIDC.VP80] => C:\WINDOWS\system32\vp8vfw.dll [560128 2011-12-05] (Optima SC Inc.)
HKLM\...\Drivers32: [VIDC.IV41] => C:\WINDOWS\system32\ir41_32.dll [756736 2003-03-25] (Intel Corporation)
HKLM\...\Drivers32: [VIDC.GEOX] => C:\WINDOWS\system32\GeoCodec.dll [622592 2010-10-11] (GeoVision)
HKLM\...\Drivers32: [VIDC.GEOV] => C:\WINDOWS\system32\GeoCodec.dll [622592 2010-10-11] (GeoVision)
HKLM\...\Drivers32: [VIDC.GEOS] => C:\WINDOWS\system32\GeoCodecD.dll [622592 2010-10-11] (GeoVision)
HKLM\...\Drivers32: [VIDC.VMnc] => C:\WINDOWS\system32\vmnc.dll [252464 2010-09-20] (VMware, Inc.)
HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\pdvcodec.dll [265797 2010-03-12] (Matsushita Electric Industrial Co., Ltd.)
HKLM\...\Drivers32: [msacm.dvacm] => C:\Program Files\Common Files\Ulead Systems\VIO\DVACM.acm [20480 2010-05-17] (Corel TW Corp.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-13] (Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\Users\MM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2019-01-23]
ShortcutTarget: Dropbox.lnk -> C:\Users\MM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{88f0fe0e-3f47-432c-a9ae-1a63be7485a1}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{b3cf2ab9-b78c-45f0-babf-2d8e6e8bf54e}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.gmx.com/start?src=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y2w02
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1107837428-173974533-547177936-1000\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1107837428-173974533-547177936-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-1107837428-173974533-547177936-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKU\S-1-5-21-1107837428-173974533-547177936-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.google.cz/
SearchScopes: HKLM -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y2w02&q={searchTerms}
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y2w02&q={searchTerms}
SearchScopes: HKLM -> {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1107837428-173974533-547177936-1000 -> DefaultScope {A474C13C-4057-4FF7-8A1B-4B67CD52B1B8} URL =
SearchScopes: HKU\S-1-5-21-1107837428-173974533-547177936-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1107837428-173974533-547177936-1000 -> {CCDA515E-1E72-40F7-9565-91A832FEB561} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-10-27] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-11-05] (Google Inc.)
BHO: Soda PDF 5 IE Helper -> {C737F472-1193-4281-BF53-A00B67AB3E19} -> C:\Program Files\Soda PDF 5\PDFIEHelper.dll [2013-01-25] (LULU Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-27] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-11-05] (Google Inc.)
Toolbar: HKU\S-1-5-21-1107837428-173974533-547177936-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-11-05] (Google Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: fkn1jbez.default-1517395260472
FF ProfilePath: C:\Users\MM\AppData\Roaming\Mozilla\Firefox\Profiles\fkn1jbez.default-1517395260472 [2019-01-28]
FF Homepage: Mozilla\Firefox\Profiles\fkn1jbez.default-1517395260472 -> hxxps://search.gmx.com/start?src=p_jkld_pl&p=jkld&p_brw=ff&p_mkt=cz&p_tsrc=301ssg01&p_w=y2w02
FF HKLM\...\Firefox\Extensions: [FFSodaPDF5Converter@sodapdf.com] - C:\Program Files\Soda PDF 5\FFSoda5Ext
FF Extension: (Soda PDF 5 Converter For Firefox) - C:\Program Files\Soda PDF 5\FFSoda5Ext [2013-06-02] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor\saffplg.xpi => not found
FF HKLM\...\Firefox\Extensions: [AllMyTube@Wondershare.com] - C:\ProgramData\Wondershare\AllMyTube\AllMyTube@Wondershare.com_xpi => not found
FF Plugin: @adobe.com/AuthorwarePlayer -> C:\Windows\system32\Macromed\AUTHORWA\np32asw.dll [2004-07-02] (Macromedia, Inc.)
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-08] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll [2013-01-30] (Adobe Systems, Inc.)
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [No File]
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-02-27] (Google)
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-27] (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-18] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR Profile: C:\Users\MM\AppData\Local\Google\Chrome\User Data\Default [2019-01-28]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AbAdminService; C:\Program Files\ToolbarTerminator\AbAdminService.exe [30984 2015-01-22] (Ascora GmbH) [File not signed]
R2 ABBYY.Licensing.FineReader.Professional.9.0; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [660768 2007-12-06] (ABBYY (BIT Software))
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 cbVSCService11; C:\Program Files\Cobian Backup 11\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian) [File not signed]
R2 cmcore; c:\program files\cmcm\Clean Master\cmcore.exe [397936 2018-12-04] (Cheetah Mobile,Inc.)
R2 DigitalWave.Update.Service; C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe [437224 2016-10-27] (Digital Wave Ltd.)
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 Leawo_service; C:\Program Files\Common Files\Appkeys\yytool.exe [942576 2014-08-22] ()
R2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-29] (IObit)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3151776 2018-07-15] (Microsoft Corporation)
S3 Soda PDF 5 Helper Service; C:\Program Files\Soda PDF 5\HelperService.exe [1237856 2013-01-25] (LULU Software)
S3 Soda PDF 5 Service; C:\Program Files\Soda PDF 5\ConversionService.exe [877920 2013-01-25] (LULU Software)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [353792 2018-03-19] ()
R2 UsbClientService; C:\Program Files\Synology\Assistant\UsbClientService.exe [248840 2016-03-18] () [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\NisSrv.exe [3378760 2019-01-25] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MsMpEng.exe [91760 2019-01-25] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [53728 2012-08-03] (Windows (R) Win 7 DDK provider)
R0 JRAID; C:\WINDOWS\System32\drivers\jraid.sys [106296 2012-09-17] (JMicron Technology Corp.)
S3 ksapi; C:\WINDOWS\system32\drivers\ksapi.sys [132832 2018-12-04] (Kingsoft Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [221112 2018-01-28] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [75712 2018-01-28] (Malwarebytes)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [504832 2018-04-11] (Realtek )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [38504 2019-01-25] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [268792 2019-01-25] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [47608 2019-01-25] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [189952 2018-04-11] (Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-28 14:55 - 2019-01-28 14:57 - 000019982 _____ C:\Users\MM\Desktop\FRST.txt
2019-01-28 14:38 - 2019-01-28 14:39 - 000000000 ____D C:\AdwCleaner
2019-01-28 14:36 - 2019-01-28 14:36 - 007320272 _____ (Malwarebytes) C:\Users\MM\Desktop\adwcleaner_7.2.6.0.exe
2019-01-28 13:38 - 2019-01-28 13:38 - 000009671 _____ C:\Users\MM\Downloads\FRST (1).rar
2019-01-28 13:38 - 2019-01-28 13:38 - 000009671 _____ C:\Users\MM\Desktop\FRST.rar
2019-01-28 13:37 - 2019-01-28 13:38 - 000026672 _____ C:\Users\MM\Desktop\Addition.rar
2019-01-28 13:12 - 2019-01-28 13:14 - 000113825 _____ C:\Users\MM\Downloads\Addition.txt
2019-01-28 13:09 - 2019-01-28 14:55 - 000000000 ____D C:\FRST
2019-01-28 13:09 - 2019-01-28 13:14 - 000043924 _____ C:\Users\MM\Downloads\FRST.txt
2019-01-28 13:08 - 2019-01-28 13:08 - 001787904 _____ (Farbar) C:\Users\MM\Desktop\FRST.exe
2019-01-28 11:21 - 2019-01-28 11:21 - 000000000 ____D C:\Users\MM\AppData\Roaming\WiseUpdate
2019-01-28 11:06 - 2019-01-28 11:07 - 003876168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-01-28 08:25 - 2019-01-09 12:08 - 000254776 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-01-28 08:25 - 2019-01-09 11:02 - 000636872 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-01-28 08:25 - 2019-01-09 10:55 - 011919872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-28 08:25 - 2019-01-09 10:55 - 003257856 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-01-28 08:25 - 2019-01-09 10:55 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-01-28 08:25 - 2019-01-09 10:53 - 000958976 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-01-28 08:25 - 2019-01-09 10:51 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-01-28 08:25 - 2019-01-09 10:51 - 002094080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-01-28 08:25 - 2019-01-09 10:50 - 001082880 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-28 08:25 - 2019-01-09 06:53 - 000480056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-01-28 08:25 - 2019-01-09 06:48 - 000994264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-01-28 08:25 - 2019-01-09 06:48 - 000074040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-01-28 08:25 - 2019-01-09 06:44 - 000078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-01-28 08:25 - 2019-01-09 06:43 - 006683448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-28 08:25 - 2019-01-09 06:43 - 006567768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-28 08:25 - 2019-01-09 06:43 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-01-28 08:25 - 2019-01-09 06:43 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-01-28 08:25 - 2019-01-09 06:43 - 002253480 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-28 08:25 - 2019-01-09 06:43 - 001990056 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-01-28 08:25 - 2019-01-09 06:43 - 001617152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-01-28 08:25 - 2019-01-09 06:43 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-01-28 08:25 - 2019-01-09 06:43 - 000949856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-01-28 08:25 - 2019-01-09 06:43 - 000831528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-01-28 08:25 - 2019-01-09 06:43 - 000607376 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-01-28 08:25 - 2019-01-09 06:43 - 000358904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-01-28 08:25 - 2019-01-09 06:43 - 000287640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-01-28 08:25 - 2019-01-09 06:43 - 000221496 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-28 08:25 - 2019-01-09 06:43 - 000195576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-01-28 08:25 - 2019-01-09 06:43 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-01-28 08:25 - 2019-01-09 06:43 - 000127744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-01-28 08:25 - 2019-01-09 06:43 - 000071456 _____ (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
2019-01-28 08:25 - 2019-01-09 06:42 - 001190496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-01-28 08:25 - 2019-01-09 06:42 - 001051032 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-01-28 08:25 - 2019-01-09 06:42 - 000371192 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2019-01-28 08:25 - 2019-01-09 06:42 - 000371192 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-01-28 08:25 - 2019-01-09 06:42 - 000140792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-01-28 08:25 - 2019-01-09 06:42 - 000100704 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-01-28 08:25 - 2019-01-09 06:34 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-28 08:25 - 2019-01-09 06:32 - 013878272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-01-28 08:25 - 2019-01-09 06:26 - 002966016 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-01-28 08:25 - 2019-01-09 06:25 - 003255296 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-28 08:25 - 2019-01-09 06:24 - 002808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-01-28 08:25 - 2019-01-09 06:24 - 001834496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-01-28 08:25 - 2019-01-09 06:24 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-01-28 08:25 - 2019-01-09 06:23 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2019-01-28 08:25 - 2019-01-09 06:23 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-28 08:25 - 2019-01-09 06:23 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-28 08:25 - 2019-01-09 06:23 - 001189888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-01-28 08:25 - 2019-01-09 06:23 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-01-28 08:25 - 2019-01-09 06:22 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-01-28 08:25 - 2019-01-09 06:22 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-28 08:25 - 2019-01-09 06:22 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-01-28 08:25 - 2019-01-09 06:22 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-28 08:25 - 2019-01-09 06:22 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-01-28 08:25 - 2019-01-09 06:22 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-01-28 08:25 - 2019-01-09 06:21 - 001752064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-01-28 08:25 - 2019-01-09 06:21 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-28 08:25 - 2019-01-09 06:21 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-01-28 08:25 - 2019-01-09 06:21 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-01-28 08:25 - 2019-01-09 06:21 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-01-28 08:25 - 2019-01-09 06:20 - 004516352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-28 08:25 - 2019-01-09 06:20 - 001272832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-01-28 08:25 - 2019-01-09 06:20 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-01-28 08:25 - 2019-01-09 06:20 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-01-28 08:25 - 2019-01-09 06:20 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-01-28 08:25 - 2019-01-09 06:19 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-01-28 08:25 - 2019-01-09 06:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-01-28 08:25 - 2019-01-09 06:18 - 000724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-01-28 08:25 - 2019-01-09 06:18 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2019-01-28 08:25 - 2019-01-09 05:01 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2019-01-28 08:19 - 2018-09-20 05:33 - 001499960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-25 13:15 - 2019-01-28 12:50 - 000000000 ____D C:\Users\MM\AppData\Roaming\Wise Duplicate Finder
2019-01-25 13:15 - 2019-01-28 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Duplicate Finder
2019-01-25 13:15 - 2019-01-25 13:15 - 000000000 ____D C:\Program Files\Wise
2019-01-25 12:41 - 2019-01-25 12:43 - 000000000 ____D C:\Users\MM\Desktop\Nová složka
2019-01-23 21:40 - 2019-01-23 21:40 - 000000000 ____D C:\Users\MM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-01-12 15:03 - 2019-01-12 15:03 - 008201952 _____ (Nullsoft, Inc.) C:\Users\MM\Downloads\winamp58_3660_beta_full_en-us.exe
2019-01-12 14:59 - 2019-01-12 14:59 - 002418200 _____ (Getimeteb ) C:\Users\MM\Downloads\winamp_4293877016.exe
2019-01-09 19:23 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 19:23 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-09 19:23 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 19:23 - 2019-01-01 07:38 - 000539696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-09 19:23 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-09 19:23 - 2019-01-01 07:37 - 002031104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-09 19:23 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-09 19:23 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-09 19:23 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 19:23 - 2019-01-01 07:37 - 000142352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 19:23 - 2019-01-01 07:37 - 000098832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 19:23 - 2019-01-01 07:37 - 000037176 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-09 19:23 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-09 19:23 - 2019-01-01 07:18 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-09 19:23 - 2019-01-01 07:18 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 19:23 - 2019-01-01 07:17 - 000335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-09 19:23 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 19:23 - 2019-01-01 07:17 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 19:23 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-09 19:23 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2019-01-09 19:23 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 19:23 - 2019-01-01 07:14 - 001184768 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-09 19:23 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 19:23 - 2019-01-01 07:13 - 001689088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 19:23 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-09 19:23 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 19:23 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-09 19:23 - 2019-01-01 07:12 - 000977408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-09 19:23 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 19:23 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 19:23 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-09 19:23 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd3x40.dll
2019-01-04 08:30 - 2019-01-04 08:30 - 012245664 _____ C:\Users\MM\Downloads\FractalZoomer.exe
2019-01-02 14:58 - 2019-01-06 14:09 - 000000000 ____D C:\Users\MM\AppData\Roaming\Nanosoft
2019-01-02 14:57 - 2019-01-06 14:18 - 000000000 ____D C:\ProgramData\Nanosoft
2019-01-02 14:57 - 2019-01-02 14:57 - 000002495 _____ C:\Users\Public\Desktop\nanoCAD en 5.0.lnk
2019-01-02 14:57 - 2019-01-02 14:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nanosoft
2019-01-02 14:57 - 2019-01-02 14:57 - 000000000 ____D C:\Program Files\Nanosoft

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-28 14:52 - 2018-04-11 21:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-28 14:47 - 2018-05-16 15:11 - 001910950 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-28 14:47 - 2018-04-12 05:53 - 000793414 _____ C:\WINDOWS\system32\perfh005.dat
2019-01-28 14:47 - 2018-04-12 05:53 - 000178452 _____ C:\WINDOWS\system32\perfc005.dat
2019-01-28 14:47 - 2018-04-11 21:31 - 000000000 ____D C:\WINDOWS\INF
2019-01-28 14:42 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-28 14:40 - 2018-05-16 15:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-28 14:40 - 2018-04-11 13:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-28 14:39 - 2016-05-17 17:46 - 000000000 ____D C:\ProgramData\ICQ
2019-01-28 14:39 - 2015-08-08 14:52 - 000000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2019-01-28 14:34 - 2018-05-16 15:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-28 14:06 - 2018-07-10 14:24 - 000000000 ____D C:\ProgramData\Packages
2019-01-28 14:06 - 2018-04-11 21:36 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-28 12:56 - 2013-05-29 21:48 - 000000000 ___RD C:\Users\MM\Desktop\PC údržba
2019-01-28 11:29 - 2015-11-29 12:19 - 000000000 ____D C:\Users\MM\AppData\Roaming\vlc
2019-01-28 11:12 - 2013-05-29 21:39 - 000000000 ___RD C:\Users\MM\Dropbox
2019-01-28 11:04 - 2018-04-11 21:36 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-01-28 11:04 - 2018-04-11 21:36 - 000000000 ___RD C:\Program Files\Windows Defender
2019-01-28 11:04 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-28 11:04 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-01-28 11:04 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-28 08:29 - 2018-04-11 21:25 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-28 07:31 - 2018-01-30 12:05 - 000000000 ____D C:\ProgramData\ProductData
2019-01-25 18:33 - 2018-02-12 23:23 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-01-25 13:30 - 2013-06-02 18:02 - 000000000 ___RD C:\Users\MM\Desktop\Vypalování
2019-01-25 13:19 - 2013-05-29 19:18 - 000000000 ____D C:\Users\MM\AppData\Roaming\Ashampoo
2019-01-25 13:19 - 2013-05-29 19:18 - 000000000 ____D C:\Users\MM\AppData\Local\ashampoo
2019-01-25 13:19 - 2013-05-29 19:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2019-01-25 13:18 - 2013-05-29 19:18 - 000000000 ____D C:\ProgramData\Ashampoo
2019-01-25 13:18 - 2013-05-29 19:17 - 000000000 ____D C:\Program Files\Ashampoo
2019-01-24 07:48 - 2013-05-28 16:12 - 000000000 ____D C:\ProgramData\Package Cache
2019-01-24 07:47 - 2013-06-07 22:44 - 000000000 ____D C:\Program Files\Garmin
2019-01-24 07:47 - 2013-06-07 22:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2019-01-24 07:46 - 2013-06-07 22:44 - 000000000 ____D C:\ProgramData\GARMIN
2019-01-23 21:40 - 2013-05-29 21:31 - 000000000 ____D C:\Users\MM\AppData\Roaming\Dropbox
2019-01-23 08:40 - 2013-10-29 21:41 - 000000000 ____D C:\Users\MM\AppData\Local\CrashDumps
2019-01-23 08:40 - 2013-05-28 19:23 - 000000000 ____D C:\Users\MM\AppData\Roaming\Winamp
2019-01-22 22:01 - 2014-03-16 20:22 - 000000000 ___RD C:\Users\MM\Desktop\Download
2019-01-22 09:11 - 2018-12-26 12:42 - 000000000 ____D C:\Users\MM\AppData\Local\FastVD
2019-01-22 09:11 - 2018-12-26 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fast VD
2019-01-20 10:51 - 2013-06-02 10:54 - 000000000 ____D C:\Users\MM\AppData\Roaming\Vso
2019-01-19 09:24 - 2018-05-16 15:16 - 000002413 _____ C:\Users\MM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-19 09:24 - 2016-07-21 21:36 - 000000000 ___RD C:\Users\MM\OneDrive
2019-01-18 10:38 - 2018-11-16 18:19 - 000000000 ____D C:\Program Files\rempl
2019-01-14 19:52 - 2018-05-20 16:59 - 000001674 _____ C:\Users\MM\Desktop\Dataserver MM.lnk
2019-01-12 15:07 - 2015-03-04 17:06 - 000000000 ___RD C:\Users\MM\Desktop\Audio
2019-01-12 15:04 - 2013-05-28 19:23 - 000000000 ____D C:\Program Files\Winamp
2019-01-11 09:25 - 2018-05-16 15:16 - 000000000 ____D C:\Users\MM\AppData\Local\Google
2019-01-11 09:25 - 2016-12-26 11:10 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2019-01-09 20:41 - 2013-05-28 21:55 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2019-01-09 19:38 - 2013-07-13 08:19 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 19:29 - 2013-05-30 17:28 - 129687688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-09 06:44 - 2013-05-28 16:47 - 000407698 __RSH C:\bootmgr
2019-01-08 12:22 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-01-07 18:46 - 2014-10-19 11:42 - 000000000 ____D C:\Users\MM\AppData\Roaming\Mp3tag
2019-01-06 14:27 - 2013-06-02 13:45 - 000000000 ____D C:\Users\MM\Documents\Calibre knihovna
2019-01-06 14:25 - 2013-05-28 21:30 - 000000000 ____D C:\Users\MM\Documents\My eBooks_pracovní (z kindle)
2019-01-06 13:54 - 2013-05-28 21:24 - 000000000 ____D C:\Users\MM\Documents\My eBooks_pracovní (mobi, doc, rtf z pdf, pdb)
2019-01-04 11:12 - 2013-05-28 21:31 - 000000000 ____D C:\Users\MM\Documents\My Publications
2019-01-04 11:01 - 2015-11-18 17:36 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-01-04 11:01 - 2013-05-28 21:14 - 000000000 ____D C:\Users\MM\Documents\ConvertXtoDVD
2019-01-02 20:41 - 2018-11-14 20:33 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2019-01-02 20:41 - 2018-11-14 20:33 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2018-04-15 11:32 - 2018-04-15 11:32 - 000000282 _____ () C:\ProgramData\fontcacheev1.dat
2013-02-07 13:22 - 2013-02-07 13:22 - 000050330 _____ () C:\Program Files\AntiDust.exe
2011-01-12 01:00 - 2011-01-12 01:00 - 000146944 _____ () C:\Program Files\Common Files\dsfFLACDecoder.dll
2011-01-12 01:00 - 2011-01-12 01:00 - 000221184 _____ () C:\Program Files\Common Files\dsfFLACEncoder.dll
2011-01-12 01:00 - 2011-01-12 01:00 - 000204800 _____ () C:\Program Files\Common Files\dsfNativeFLACSource.dll
2012-05-11 13:16 - 2012-05-11 13:16 - 000171520 _____ () C:\Program Files\Common Files\dsfOggDemux2.dll
2011-01-12 01:00 - 2011-01-12 01:00 - 000240128 _____ () C:\Program Files\Common Files\dsfVorbisDecoder.dll
2009-07-11 22:08 - 2009-07-11 22:08 - 000001860 _____ () C:\Program Files\Common Files\Microsoft.VC90.CRT.manifest
2011-04-18 21:51 - 2011-04-18 21:51 - 000569680 _____ (Microsoft Corporation) C:\Program Files\Common Files\MSVCP90.dll
2011-04-18 21:51 - 2011-04-18 21:51 - 000653136 _____ (Microsoft Corporation) C:\Program Files\Common Files\MSVCR90.dll
2010-12-16 20:39 - 2010-12-16 20:39 - 000412672 _____ (Google) C:\Program Files\Common Files\vp8decoder.dll
2010-12-16 20:39 - 2010-12-16 20:39 - 000701440 _____ (Google) C:\Program Files\Common Files\vp8encoder.dll
2010-12-16 20:39 - 2010-12-16 20:39 - 000302592 _____ (Google) C:\Program Files\Common Files\webmmux.dll
2010-12-16 20:39 - 2010-12-16 20:39 - 000292352 _____ (Google) C:\Program Files\Common Files\webmsplit.dll
2011-01-12 01:00 - 2011-01-12 01:00 - 000030208 _____ () C:\Program Files\Common Files\wmpinfo.dll
2014-10-19 12:06 - 2014-10-19 12:06 - 000001680 _____ () C:\Users\MM\AppData\Roaming\.ptbt0
2013-12-31 11:40 - 2018-03-17 17:23 - 000000082 _____ () C:\Users\MM\AppData\Roaming\default.pls
2013-06-02 10:54 - 2013-06-02 10:54 - 000087608 _____ () C:\Users\MM\AppData\Roaming\inst.exe
2013-06-02 10:54 - 2013-06-02 10:54 - 000007887 _____ () C:\Users\MM\AppData\Roaming\pcouffin.cat
2013-06-02 10:54 - 2013-06-02 10:54 - 000001144 _____ () C:\Users\MM\AppData\Roaming\pcouffin.inf
2013-06-02 10:55 - 2013-06-02 10:55 - 000000034 _____ () C:\Users\MM\AppData\Roaming\pcouffin.log
2013-06-02 10:54 - 2013-06-02 10:54 - 000047360 _____ (VSO Software) C:\Users\MM\AppData\Roaming\pcouffin.sys
2013-08-03 13:45 - 2013-08-03 13:46 - 000000010 _____ () C:\Users\MM\AppData\Roaming\pdfdrawcodec.dll
2013-05-28 16:21 - 2013-05-28 16:21 - 000000017 _____ () C:\Users\MM\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-16 15:07

==================== End of FRST.txt ============================

pcsolim
Návštěvník
Návštěvník
Příspěvky: 12
Registrován: 28 led 2019 13:23

Re: Prosím o preventivní kontrolu, děkuji.

#6 Příspěvek od pcsolim »

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-01-2019
Ran by MM (28-01-2019 14:58:11)
Running from C:\Users\MM\Desktop
Microsoft Windows 10 Pro Version 1803 17134.556 (X86) (2018-05-16 14:40:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1107837428-173974533-547177936-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1107837428-173974533-547177936-503 - Limited - Disabled)
Guest (S-1-5-21-1107837428-173974533-547177936-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1107837428-173974533-547177936-1002 - Limited - Enabled)
MM (S-1-5-21-1107837428-173974533-547177936-1000 - Administrator - Enabled) => C:\Users\MM
WDAGUtilityAccount (S-1-5-21-1107837428-173974533-547177936-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

123 Free Solitaire (HKLM\...\123 Free Solitaire) (Version: - )
7-Zip 16.04 (HKLM\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
ABBYY FineReader 9.0 Professional Edition (HKLM\...\{F9000000-0001-0000-0000-074957833700}) (Version: 9.00.724.5507 - ABBYY)
Acoustica Standard Edition 5.0 (HKLM\...\Acoustica Standard Edition_is1) (Version: 5.0 - Acon AS)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 28.0.0.127 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Shockwave Player + Authorware Web Player (HKLM\...\Adobe Shockwave Player + Authorware Web Player) (Version: v12.0.0.112 - Adobe Systems, Inc.)
ANALOG projects premium (32-Bit) (HKLM\...\ANALOG_PROJECTS_1_2_38D54FE3_is1) (Version: 1.11 - Franzis Verlag GmbH)
ANT Drivers Installer x86 (HKLM\...\{2DA11ECB-92A9-4B4A-A25D-AA9DB8B94999}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Anti-Twin (Installation 20.8.2018) (HKLM\...\Anti-Twin 2018-08-20 11.05.37) (Version: - Joerg Rosenthal, Germany)
Apowersoft Phone Manager verze 2.8.7 (HKLM\...\{4A00E3C4-2D0F-4AE7-9F2A-74870BE09EF8}_is1) (Version: 2.8.7 - APOWERSOFT LIMITED)
Apowersoft Unlimited V1.1.7 (HKLM\...\{c03dc130-3664-4210-b9b2-3d35a08c76f5}_is1) (Version: 1.1.7 - Apowersoft LIMITED)
Apowersoft Video Konvertor V4.7.4 (HKLM\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.7.4 - APOWERSOFT LIMITED)
Apple Mobile Device Support (HKLM\...\{B19FCC39-7914-4BBC-80EE-1D606BD8C686}) (Version: 11.4.1.46 - Apple Inc.)
Apple Software Update (HKLM\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Ashampoo Burning Studio 2012 v10.0.15 (HKLM\...\Ashampoo Burning Studio 2012_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 2017 (HKLM\...\{91B33C97-C878-6579-69BA-23E5405C7AAB}_is1) (Version: 18.0.6 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 2019 (HKLM\...\{91B33C97-293D-A984-2057-76661C44CB0E}_is1) (Version: 1.20.0 - Ashampoo GmbH & Co. KG)
Ashampoo Home Designer Pro 3 (HKLM\...\{CEAF6AE1-CE17-4ED1-A817-C31012B8D6CD}_is1) (Version: 3.3.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 14 (HKLM\...\{0A11EA01-616B-A905-B3D2-3B7C238851DC}_is1) (Version: 14.0.6 - Ashampoo GmbH & Co. KG)
Ashampoo Slideshow Studio 2013 v.1.0.2 (HKLM\...\{91B33C97-34D2-9841-084D-BE4849F6A38F}_is1) (Version: 1.0.2 - Ashampoo GmbH & Co. KG)
Audacity 2.0.2 (HKLM\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
AutoCAD 2007 - Český (HKLM\...\{5783F2D7-5001-0405-0002-0060B0CE6BBA}) (Version: 17.0.54.110 - Autodesk)
Autodesk DWF Viewer (HKLM\...\Autodesk DWF Viewer) (Version: 6.5 - Autodesk, Inc.)
Avidemux 2.6 (32-bit) (HKLM\...\Avidemux 2.6) (Version: 2.6.8.9045 - )
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
AVStoDVD 2.7.5 (HKLM\...\AVStoDVD) (Version: 2.7.5 - MrC)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Balíček ovladače systému Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\E77704EF5E71F4F18CADFBFA68595AFE036D5D97) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
calibre (HKLM\...\{0B374B2C-FE04-4741-B0B2-B14D84CEDAFF}) (Version: 3.35.0 - Kovid Goyal)
Canon MP Navigator EX 1.0 (HKLM\...\MP Navigator EX 1.0) (Version: - )
Canon MP220 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP220_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
CDex - Digital Audio CD Extractor and Converter (HKLM\...\CDex) (Version: 1.81.0.2016 - Georgy Berdyshev)
cGPSmapper Free 0100d (HKLM\...\cGPSmapper Free_is1) (Version: - cGPSmapper)
Clean Master (HKLM\...\cmpc) (Version: 6.0 - Cheetah Mobile)
Cobian Backup 11 Gravity (HKLM\...\CobBackup11) (Version: - )
Compiled Driver Disk (Nokia) 1.0 (HKLM\...\{3DCF00F5-04A5-4543-A088-705480811205}_is1) (Version: 1.0.8.0 - COMPELSON Labs)
Contents (HKLM\...\{F6A76E9C-C299-4CFA-AD2A-57FE9DD68B70}) (Version: 1.6.2.36 - Corel Corporation) Hidden
Convert WAV To MP3 1.0 (HKLM\...\Convert WAV To MP3_is1) (Version: - A Software Plus)
Convert-All Media Converter (HKLM\...\Convert-All Media Converter) (Version: - )
Corel Applications (HKLM\...\Corel Applications) (Version: - )
Corel VideoStudio Pro X3 (HKLM\...\_{F072CA07-A781-45E4-9975-C033A73019CF}) (Version: 1.6.2.36 - Corel Corporation)
CSE HTML Validator Standard v12.03 (HKLM\...\CSEHTMLVALIDATOR120_is1) (Version: 12.3.0.0 - AI Internet Solutions LLC)
Curvas de nivel VFP Portugal (HKLM\...\Curvas nivel VFP Portugal) (Version: - )
CyberLink PhotoDirector 8 (HKLM\...\{80986AB6-3CB0-49db-AB48-1600844D6374}) (Version: 8.0.3515.0 - CyberLink Corp.)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DeviceIO (HKLM\...\{F4E9851F-765E-40B7-9859-237C2724E62C}) (Version: 1.6.2.36 - Corel Corporation) Hidden
DirectX for Managed Code Update (Summer 2004) (HKLM\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\Dropbox) (Version: 65.4.177 - Dropbox, Inc.)
DVDFab Platinum 4.1.2.0 (HKLM\...\DVDFab Platinum 4_is1) (Version: - Fengtao Software Inc.)
EasyGPS 5.18.0.0 (HKLM\...\EasyGPS_is1) (Version: 5.18.0.0 - TopoGrafix)
Elevated Installer (HKLM\...\{F3FFDC37-92A9-4E5E-B57E-7E47FD4FFDAF}) (Version: 6.11.1.0 - Garmin Ltd or its subsidiaries) Hidden
FARO LS 1.1.406.58 (HKLM\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Fast VD 3.1.0.21 (HKLM\...\9ED08AFF-E977-47db-8923-2499D74C97C5_Fast VD_is1) (Version: 3.1.0.21 - FastPcTools)
FastStone Image Viewer 6.5 (HKLM\...\FastStone Image Viewer) (Version: 6.5 - FastStone Soft)
FastStone Photo Resizer 3.2 (HKLM\...\FastStone Photo Resizer) (Version: 3.2 - FastStone Soft.)
Firebird SQL Server - MAGIX Edition (HKLM\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Folder Marker Home v 3.2 Chip Czech Edition (HKLM\...\Folder Marker_is1) (Version: 3.2 - ArcticLine Software)
Fotogalerie (HKLM\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Audio Converter (HKLM\...\Free Audio Converter_is1) (Version: 5.0.99.823 - Digital Wave Ltd)
Free Video Flip and Rotate version 2.1.2.821 (HKLM\...\Free Video Flip and Rotate_is1) (Version: 2.1.2.821 - DVDVideoSoft Ltd.)
Garmin BaseCamp (HKLM\...\{0D7C8884-192D-4E2D-A635-B282B3647E45}) (Version: 4.4.7 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM\...\{353EA8D4-4E75-4D16-83E1-60F0223E502A}) (Version: 6.11.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM\...\{a8423fa4-7f62-4346-b5e2-abb033b1a927}) (Version: 6.11.1.0 - Garmin Ltd or its subsidiaries)
Garmin MapSource (HKLM\...\{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}) (Version: 6.16.3 - Garmin Ltd or its subsidiaries)
Garmin TOPO Österreich v2 (HKLM\...\{7AA38575-25A1-4C2F-B40B-2188EB73FF0E}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{E31435FE-F0B7-4A62-BE46-BD166A1EEFFB}) (Version: 2.3.1.1 - Garmin Ltd or its subsidiaries)
GeoGet verze 2.9.9.775 (HKLM\...\GeoGet_is1) (Version: 2.9.9.775 - )
GMapTool 0.8.186a (HKLM\...\{1873789F-59D5-4002-8A2F-60A827B78F98}_is1) (Version: - AP)
Google Earth (HKLM\...\{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}) (Version: 7.0.3.8542 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.18) (Version: 9.18 - Artifex Software Inc.)
HD Video Converter Factory Pro 16.1 (HKLM\...\HD Video Converter Factory Pro) (Version: 16.1 - WonderFox Soft, Inc.)
Helicon Filter 5.5.4 (HKLM\...\Helicon Filter 5_is1) (Version: - Helicon Soft Ltd.)
Helicon Photo Safe Pro 4.60.0.0 (HKLM\...\Helicon Photo Safe Pro_is1) (Version: 4.60.0.0 - Helicon Soft Ltd.)
HijackThis 2.0.2 (HKLM\...\HijackThis) (Version: 2.0.2 - TrendMicro)
ICA (HKLM\...\{F072CA07-A781-45E4-9975-C033A73019CF}) (Version: 1.6.2.36 - Corel Corporation) Hidden
iCloud (HKLM\...\{9A07AB4F-6B53-43E9-B7FC-7892E8C26BE3}) (Version: 4.1.1.53 - Apple Inc.)
ICQ (verze 10.0.12341) (HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\icq.desktop) (Version: 10.0.12341 - ICQ)
iFreeUp 1.0 (HKLM\...\iFreeUp_is1) (Version: 1.0.12 - IObit)
iMyFone Umate 5.1.0.3 (HKLM\...\{5284F901-9F62-4462-A0E6-2E4373A64454}_is1) (Version: 5.1.0.3 - Shenzhen iMyFone Technology Co., Ltd.)
Incomedia WebSite X5 v10 - Home (HKLM\...\{22B260EE-79AD-4F4C-9E06-349E8F1D958C}_is1) (Version: 10.0.4.28 - Incomedia s.r.l.)
iPhone Care Pro (HKLM\...\iPhone Care Pro) (Version: - Tenorshare, Inc.)
IPM_VS_Pro (HKLM\...\{FD67D9F3-FED6-4A2E-9D6C-8C8C44DEF8FF}) (Version: 13.0 - Corel Corporation) Hidden
iTunes (HKLM\...\{6FF5D12A-8E8C-4019-9BBC-566912771289}) (Version: 12.8.0.150 - Apple Inc.)
Java 8 Update 191 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
K-Lite Codec Pack 9.4.0 (Basic) (HKLM\...\KLiteCodecPack_is1) (Version: 9.4.0 - )
Lagarith Lossless Codec (1.3.27) (HKLM\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
Leawo iTransfer version 1.8.2.5 (HKLM\...\{93337CC5-9BC4-4FB0-B82E-38EC63E149F3}_is1) (Version: 1.8.2.5 - Leawo Software)
Leawo Music Recorder version 1.1.0.0 (HKLM\...\{FAF11D3B-7633-402B-BAFA-4BCAAE030F20}_is1) (Version: 1.1.0.0 - Leawo Software)
Leawo Prof. Media version 7.7.0.0 (HKLM\...\{A5F041A4-812A-47C2-AD53-8893A81019FB}_is1) (Version: 7.7.0.0 - Leawo Software)
Leawo Video Converter Ultimate version 6.2.0.0 (HKLM\...\{F8FF54F5-AF73-4698-BF5C-393689CD0079}_is1) (Version: 6.2.0.0 - Leawo Software Co.,Ltd.)
Leawo Youtube Downloader version 4.5.0.1 (HKLM\...\{9E887DDE-2882-43E3-8AAF-127F8198030D}_is1) (Version: - Leawo Software Co., Ltd.)
MAGIX Photo Manager 15 (HKLM\...\{7C382EF1-2F98-47B4-9F31-511935D1138D}) (Version: 11.0.2.36 - MAGIX Software GmbH) Hidden
MAGIX Photo Manager 15 (HKLM\...\MX.{7C382EF1-2F98-47B4-9F31-511935D1138D}) (Version: 11.0.2.36 - MAGIX Software GmbH)
MediaInfo 18.03 (HKLM\...\MediaInfo) (Version: 18.03 - MediaArea.net)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office FrontPage 2003 (HKLM\...\{90170405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
MLE (HKLM\...\{7E4CB404-F1E4-4E81-A1CB-2CBB310481D1}) (Version: 1.0.0.23 - Corel Corporation) Hidden
Moto assistant 1.3 (HKLM\...\{B36DF239-A12D-4C3C-B588-E09DA71F3BCC}_is1) (Version: - )
Movavi Video Suite 11 SE (HKLM\...\Movavi Video Suite 11 SE) (Version: 11.2.1 - Movavi)
Movie Maker (HKLM\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 63.0.1 (x86 cs) (HKLM\...\Mozilla Firefox 63.0.1 (x86 cs)) (Version: 63.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.1.6877 - Mozilla)
Mozilla Thunderbird 60.3.3 (x86 cs) (HKLM\...\Mozilla Thunderbird 60.3.3 (x86 cs)) (Version: 60.3.3 - Mozilla)
Mp3tag v2.53 (HKLM\...\Mp3tag) (Version: v2.53 - Florian Heidenreich)
MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyTube 6 (HKLM\...\{02C15B8C-26BE-479C-0001-7E31094C1376}) (Version: 6.0.14.115 - S.A.D.)
nanoCAD 5.0 (HKLM\...\{6D4250F7-DB33-4530-A9BD-A9D66BA34586}) (Version: 5.0.2520.2000 - Nanosoft)
Nik Collection (HKLM\...\Nik Collection) (Version: 1.2.11 - Google)
Nokia Connectivity Cable Driver (HKLM\...\{D4BF151C-70A8-4CE2-906F-4173A575BAD9}) (Version: 7.1.182.0 - Nokia)
Nokia PC Suite (HKLM\...\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}) (Version: 7.1.180.94 - Nokia) Hidden
Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia Software Updater (HKLM\...\{7130468A-F53F-4698-8C09-A339EA3B05E6}) (Version: 3.0.655 - Nokia Corporation)
Nokia Suite (HKLM\...\{88B6F9DE-C80F-4A70-ACF6-BEE933679170}) (Version: 3.8.54.0 - Nokia) Hidden
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
OLYMPUS Digital Camera Updater (HKLM\...\{20802138-EAA6-424D-B7E9-A01AC4881F3D}) (Version: 2.1.2 - Olympus Corporation)
OLYMPUS Viewer 3 (HKLM\...\{48F7F217-9E30-423F-AF21-A517FF65F18E}) (Version: 1.3.0 - OLYMPUS IMAGING CORP.)
Opanda IExif 2.3 (HKLM\...\Opanda IExif_is1) (Version: 2.3 - Opanda Studio)
Opanda PowerExif 1.2 Professional Trial (HKLM\...\Opanda PowerExif Professional Trial_is1) (Version: 1.2 - Opanda Studio)
OpenStreetMap Portugal (HKLM\...\Topographic Portugal) (Version: - )
Oxygen Phone Manager II (Trial) (HKLM\...\Oxygen Phone Manager II (Trial)) (Version: - )
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PC Image Editor (HKLM\...\{BE45D350-7BFF-4AC6-A958-65443346A40E}) (Version: 5.4 - Program4Pc Inc.)
PDF Editor Pro 3 (HKLM\...\PDF Editor Pro 3) (Version: - )
PDF Split And Merge Basic (HKLM\...\{9A40D2F8-9458-458B-95E3-B57797C574E1}) (Version: 2.2.3 - Andrea Vacondio)
PhotoFiltre 7 (HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\PhotoFiltre 7) (Version: - )
Podpora aplikací Apple (32bitová) (HKLM\...\{E5347310-C82F-4833-AA36-8D11E5A8A86A}) (Version: 6.6 - Apple Inc.)
Pomocník při upgradu na Windows 10 (HKLM\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17387 - Microsoft Corporation)
Power Sound Editor Free v8.7.5 (HKLM\...\Power Sound Editor Free_is1) (Version: - Copyright(C) 2005-2014 PowerSE, Inc.)
PrimoPDF -- by Nitro PDF Software (HKLM\...\PrimoPDF) (Version: 5.0.0.19 - Nitro PDF Software)
PureHD (HKLM\...\{F8423392-2296-4748-9B66-344432459632}) (Version: 1.6.2.36 - Corel Corporation) Hidden
RadioSure (HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\RadioSure) (Version: - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6839 - Realtek Semiconductor Corp.)
Registrace uživatele zařízení Canon MP220 series (HKLM\...\Registrace uživatele zařízení Canon MP220 series) (Version: - )
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
Sada Compatibility Pack pro systém Office 2007 (HKLM\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
SAM CoDeC Pack (HKLM\...\SAM CoDeC Pack) (Version: 5.05 - www.SamLab.ws)
Scanitto Pro (HKLM\...\{FC9FED7B-11C5-4BAA-AAF0-395AD111EE92}_is1) (Version: 3.5 - Masters ITC Software)
ScanSoft OmniPage SE 4 (HKLM\...\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}) (Version: 15.2.0020 - Nuance Communications, Inc.)
Setup (HKLM\...\{F069C491-69E6-4D9B-9A0C-B7894A1FA97C}) (Version: 1.6.2.36 - Corel Corporation) Hidden
Seznam CD a DVD 1.1 (HKLM\...\Seznam CD a DVD_is1) (Version: - S3 Software)
Share (HKLM\...\{F909BD3C-8684-4ACF-B7C3-33F4F9F901B7}) (Version: 1.6.2.36 - Corel Corporation) Hidden
Skype verze 8.33 (HKLM\...\Skype_is1) (Version: 8.33 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Slovakia_Topo_v3_Beta2 (HKLM\...\{3862105D-1AD3-470D-9CE5-94A2DB91D6CC}) (Version: 1.00 - CONAN s.r.o.)
Smart GPS Sync 1.0.2 (HKLM\...\{C9145898-CE55-4DD3-B187-7928A2B3B67C}_is1) (Version: 1.0.2 - Picture Instruments)
SmartSound Common Data (HKLM\...\{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Common Data (HKLM\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (HKLM\...\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.6 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.6 - SmartSound Software Inc.)
Soda PDF 5 (HKLM\...\{4E9B5BFE-856B-4C3A-BE90-4547DC255B22}) (Version: 5.0.131.9113 - LULU SOFTWARE LIMITED)
Sonic PDF Creator v3.0 (HKLM\...\Sonic PDF Creator_is1) (Version: 3.0 - Investintech.com Inc.)
Subtitle Edit 3.4.12 (HKLM\...\SubtitleEdit_is1) (Version: 3.4.12.1 - Nikse)
Südtirol (Topo) (HKLM\...\{53F7328C-6687-4AC9-9F68-2E28D8273033}_is1) (Version: - )
SuperEasy Video Booster v.1.1.3056 (HKLM\...\{039BC111-ED4E-CCDF-634D-AF330C24ACB8}_is1) (Version: 1.1.3056 - SuperEasy Software GmbH & Co. KG)
Synology Assistant (remove only) (HKLM\...\Synology Assistant) (Version: - )
The KMPlayer 3.5.0.81 with LAV Filters (HKLM\...\{ACBA5A14-2D62-4820-8206-D768C74C1E10}_is1) (Version: - ©7sh3. (Сборка от 08.03.2013))
The Panorama Factory V5 m32 Edition (HKLM\...\{DFF110A5-82A4-45FC-873D-F5C6D7B57914}) (Version: 5.3.2792 - Smoky City Design)
Tint (HKLM\...\tint) (Version: - )
Toolbar Terminator (HKLM\...\Toolbar Terminator_is1) (Version: 1.7 - Abelssoft)
TOPO Czech PRO 2013 (HKLM\...\{8E2A1F3F-0E67-4B33-B8F4-A2A53FDDD844}) (Version: 7.00 - PICODAS PRAHA, spol. s r.o.)
Topo España V.3.0 (HKLM\...\{1CFDFFDB-6646-43D6-8141-A77443F6BF98}) (Version: 2.00 - MPC Licensee)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.51a - Ghisler Software GmbH)
TrekMap v2 (HKLM\...\{46E7E808-5AD2-44B6-B52C-68EB15182D8A}) (Version: 2.07 - Garmin Italia S.p.A.)
Ut Video Codec Suite (HKLM\...\utvideo_is1) (Version: 12.0.1 - UMEZAWA Takeshi)
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VIO (HKLM\...\{F95C8C1F-25BB-44EC-A7E6-5C17ABC6BC71}) (Version: 1.6.2.36 - Corel Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
VSClassic (HKLM\...\{FB0B6DDD-DF3E-4CD6-927C-724AB854E322}) (Version: 1.6.2.36 - Corel Corporation) Hidden
VSPro (HKLM\...\{F206FEC3-F5DD-43FD-A8CF-9C46B8A6A92C}) (Version: 1.6.2.36 - Corel Corporation) Hidden
Winamp (HKLM\...\Winamp) (Version: 5.8 - Winamp SA)
Winamp Detector Plug-in (HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version: - )
Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinPDFEditor V2.0.1 (HKLM\...\WinPDFEditor_is1) (Version: - hxxp://www.WinPDFEditor.com)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 12.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}) (Version: 12.0.8252 - WinZip Computing, S.L. )
Wise Duplicate Finder 1.3.1 (HKLM\...\Wise Duplicate Finder_is1) (Version: 1.3.1 - WiseCleaner.com, Inc.)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM\...\x264vfw) (Version: - )
XnView 2.42 (HKLM\...\XnView_is1) (Version: 2.42 - Gougelet Pierre-e)
Xvid MPEG-4 Video Codec (HKLM\...\Xvid_is1) (Version: - )
YTD (pepak) (HKLM\...\YTD_Pepak) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{0099CFA7-40DE-9D9D-D707-5FFE2B2650F9}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{04411138-2A90-5B8C-B564-CD8AB21F2F63}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{0884B82D-BCEF-B184-2CA3-A699C29A777B}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{09BEBC5B-7AE6-BF07-3D8E-374A1D003178}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{0ADB5C42-8CB2-DD35-E7F5-5D3250E2D19D}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{0E3A2831-F34B-311D-1F2C-51669957B3D9}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{0E77E023-248B-ECF5-00AA-EB80BD24A918}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{0F3E2C62-94E2-A6AF-EFEF-488244D2C350}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{10AD2F0E-24D7-4F3B-9527-DC122779BEE8}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{1761BAD7-545D-1E26-62BA-9ED9E3129390}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{1992A01B-977E-30D7-CD11-95937AFEBB64}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{1BD9F7BD-00B8-A273-AE79-C7DF8953E2B8}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{209128F5-71C6-205D-7037-7EA3985CEDFF}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{2105A579-1F02-E681-1950-1E7CCE2C299A}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{210F070D-53AA-CAC9-0BF9-82F88AC4632E}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{2139E5B7-3241-FC3A-0B6C-4FB71D7D7646}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{21A90043-CB5B-04F7-09D9-0CE8529B9481}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{23872B08-F8C8-5BA1-3706-F7CEA839596C}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{24A74811-718F-4FCE-225F-B8D2CFC48EDE}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Program Files\AutoCAD 2007\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{2A1BE986-CFF9-2B5F-E0C3-84CF44F09EFC}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{2DE43ED5-AF0D-4285-97E8-EC5ACEA34D1F}\InprocServer32 -> C:\Users\MM\AppData\Local\Dropbox\Update\1.3.141.1\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{2E949038-8103-C652-C06F-3E520A8AD344}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{2F018727-00DE-0891-E8FA-2B1D60C0C7E3}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\MM\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{34B3EA24-BDB0-AF97-CFCF-20DCEB20ECFC}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{35C807A3-6024-5F29-0ADF-5EEB2011B3C7}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{3C5857B4-6BA3-23B9-4CD9-C28998672DC9}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{3E0C1902-4A51-8497-57EA-D62089C33826}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{449354E9-CDD8-4A11-BD82-0D4A3C21E7D2}\localserver32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\nCad.exe (ZAO Nanosoft)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{449CFB1B-1C07-48EA-9A9A-7A7881C2B49B}\InprocServer32 -> C:\Users\MM\AppData\Local\Dropbox\Update\1.3.59.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{4735EDE0-F8F7-40F4-BA07-74E8E4008729}\InprocServer32 -> C:\Users\MM\AppData\Local\Dropbox\Update\1.3.127.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{473D92C5-4A50-E6DB-B302-25676FC8CEF4}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{4BCF72DA-684E-5A64-A0E8-2F5597EB918A}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{4EEB678D-4605-914D-347A-4EF22C3D954B}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{51E98CE2-AF9F-4F9D-5EDB-9DA5486F5DF6}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{529FD314-ED7E-9058-8CA8-B959396BA57A}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{58A4EBCA-52B9-3F3D-71B0-60226A6FD4A7}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{5D02CD29-A2EE-2B02-B47B-067757CB2565}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{5E44874E-68AB-515A-5E71-22E33F9CE064}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{5F8A3072-41D2-7164-E1AB-BA65E32B2EDD}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{5FB36537-9B3C-6CFB-D515-3DE104240753}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{6142F40B-76F6-9DE0-A2D5-CA6FBC9DF960}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{615BA1EB-1CCA-948B-AAC4-56D5690F4B3C}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{61FDB5BC-6D47-7B88-62CC-7DC08311B39D}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{64D548CF-0D83-34A7-54A4-AC4429C26C73}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{65933717-4D32-5CBB-0037-F5E75AC4D7C7}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{6A37D228-6D7D-5CF7-69BF-01951F547EBF}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{6C99CC47-9EA3-328E-B24D-837C19A33AD4}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{6CFB62AA-9D5C-EFD5-A37D-6D1E7AFBAEB3}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{6d05bf60-3eaf-4a97-87c5-10cce505435b}\localserver32 -> C:\Users\MM\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.NonElevated.exe => No File
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{6E210260-4389-512F-2454-0BCC2A32F68D}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{6E852F1D-53EA-E0F3-F137-435A55233594}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{7135B2E1-D078-8CCA-E845-312B1412EA53}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{71B10F0A-DE60-1D5A-06C2-5E30420425ED}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{78A6AC9A-3070-9ED6-29D2-5AE4C2DE7B3F}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{79A8636B-7B98-EDC2-0C44-6F7E39DD6868}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{7A59699F-EA33-6D20-2291-C292F7EFD244}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Program Files\AutoCAD 2007\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{7B6A1858-E547-3187-9CC1-C91ECDF644FD}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{7C95469D-367E-F10D-93E9-05C7FA6E50AD}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{7EA2FC0E-D5C8-F83A-B584-C4811D0B1300}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{7EDCD7E5-E2B0-D35E-31A2-55643393857A}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{81AF0F32-3D60-AE3F-506D-02DB3884C0DE}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{83A37DC5-310D-3F4F-5A26-CCF8F402F1AB}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{867FA47E-79EC-1BCF-94A0-DE4E6269F474}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{86CF96D8-F275-4791-B669-D50577FC157D}\InprocServer32 -> C:\Users\MM\AppData\Local\Dropbox\Update\1.3.75.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{873B53D6-E4FA-BF1B-164D-936082305719}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{8742C155-05EA-3DCC-9F1C-F8E5D8078C3D}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\MM\AppData\Local\Dropbox\Update\1.3.141.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{89628CCA-1B1A-1C61-70C0-FA8B941ACC08}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{8C15B215-08EF-A6B9-072B-893B3DB93B72}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{8D79DAC4-BC7B-9EF9-E4E9-22D914242211}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{9062396A-8EAA-BE8A-2114-126FFF8A755D}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{910B3874-1DC9-054D-A662-54206261C9A3}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{91AD5D5F-7148-FA24-D8BA-285E98FBF34D}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{924D8ADA-3D35-08EA-C26E-77B4A046002F}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{92ACF168-5B66-15C4-3BD6-52668EAA751C}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{9AA9CBF2-9967-5CD8-650F-6272187DCB7B}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{9BAD416A-3107-E2EF-C9D1-3AB4A4625D16}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{9CB2A27F-F39D-D869-B736-05C64AE1BC73}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{9DE8E9C1-4B2F-6417-D95F-789641BFC94F}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\MM\AppData\Local\Dropbox\Update\1.3.141.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{9FDE4061-3B67-0283-DFF8-17D6722ABB01}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{A1783B66-0972-E760-B086-B4C93F834A97}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{A44AB5E0-40DC-5438-5623-DA019CABA56E}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{A7461C49-B122-2FA5-B6CF-5F023091356D}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{AFFD1D06-04B2-B9B8-A9FA-B5807A179F2C}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{B2B539E6-BE3D-3BD8-6472-6CEA00208E69}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{B5EB0446-4CEA-6744-1E14-546FEBDA9C5A}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{B77FE1AF-94A8-2F97-12FE-A87825335B45}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{B781DBA9-CAFE-610D-EB3A-B362BF412BC7}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{BA4F7AA3-CAAD-62CE-3BFC-48A46B8891D5}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{BD4BB03D-5295-6188-D36F-16680A07920E}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\MM\AppData\Local\Dropbox\Update\1.3.141.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\MM\AppData\Local\Dropbox\Update\1.3.141.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{C4C34861-D306-93D5-B30F-A7F0D42D2D69}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{C591D97F-8486-AC2B-58ED-543546E9F184}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{C5EF8042-F768-BC19-D49A-541FD118ADFE}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{CBDEFAAC-70DA-8F2E-2F07-6B17A939A2A5}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{CD360D2D-595C-87CF-37F5-815AD591DBC4}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{CDBCA1D2-C8A7-A052-6D26-774DC3DCFFFC}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{CE7A9202-B9E3-C5A7-C144-6731A660A5EC}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{D14F72D1-28A3-6A2E-A919-AF69B0E958B1}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{D1F5A6BC-B25B-4319-7501-8B56EFABD41D}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{D374F580-6AA7-5B04-B04D-22F55A38A1D9}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{D6FD15CA-7D04-3583-AD7D-E1454C6A04F8}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{D7284C75-802A-9C84-37ED-97991FFF2869}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{D7DB5A07-56E3-6D0D-EFCB-8BB39E57FDC0}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{DA35FC02-3B39-0965-A945-30C0A3D1910B}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{DAEDDF77-A975-3A67-4613-54A4365D5316}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{DD726CE9-69C8-3FF5-D897-84A1A3DE4E56}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{DE5085CD-0509-D588-3CF1-5BF9E64F60AE}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{DF1B703C-87EF-6650-A399-188CA41C6244}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{E17B459E-3157-9A6A-3EF1-D41F3B109F00}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2007\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{E59856CF-4604-A2AB-C809-72F9E0822B6D}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{E6B585EC-7147-23FA-F964-8B0BA659DC76}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{E7D81C3F-2283-80AF-F00D-32AAF57167A3}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{E9A74089-7508-1598-B918-3CA107BACB1B}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{EA666C34-165C-08AA-7E23-76799C3EFFF9}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{EC0F6A3A-7212-111C-3B18-8AAB9154F340}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{EDDB87CA-E44B-ECDC-F75E-F702179CF804}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{F441B67E-6438-F1A3-F6C3-1040BE5D80CA}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{F7749E6D-4338-12A1-168E-3E3E16ED004D}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{F777A613-7EEB-F594-0C06-591F125C7759}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\MM\AppData\Local\Dropbox\Update\1.3.141.1\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FEDB3A72-8276-586C-ECA4-69D898B9072C}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
CustomCLSID: HKU\S-1-5-21-1107837428-173974533-547177936-1000_Classes\CLSID\{FF6A239C-37E6-5036-4FCD-ACFDB122933E}\InprocServer32 -> C:\Program Files\Nanosoft\nanoCAD en 5.0\bin\OdaX_csd.dll (Open Design Alliance)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2006-03-05] (Autodesk)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files\Common Files\Autodesk shared\dwf common\DWFShellExtension.dll [2005-11-15] (Autodesk, Inc.)
ContextMenuHandlers1: [cm_32bit] -> {D84432AF-3514-45a1-BD9C-1D6767EACD2E} => c:\program files\cmcm\Clean Master\cmmenu.dll [2018-12-04] (Cheetah Mobile,Inc.)
ContextMenuHandlers1: [FineReader9ContextMenu] -> {59A3380E-5305-4cea-BD99-4F2FF510C91F} => C:\Program Files\ABBYY FineReader 9.0\FRIntegration.dll [2007-12-07] (ABBYY Software Ltd)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams.dll [2015-04-26] (Apple Inc.)
ContextMenuHandlers1: [SodaPDFExtension] -> {A0F0A29A-1D9A-4FF8-AB02-42698B04534C} => C:\Program Files\Soda PDF 5\ContextMenuExt.dll [2013-01-25] (LULU Software)
ContextMenuHandlers1: [SonicPDF.ShellExt] -> {70666C04-8490-4B85-96C6-D87C52E6F451} => C:\Program Files\Investintech.com Inc\Sonic PDF Creator\3.0\itSONShellExt.dll [2014-06-23] (Investintech.com Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers2: [cm_32bit] -> {D84432AF-3514-45a1-BD9C-1D6767EACD2E} => c:\program files\cmcm\Clean Master\cmmenu.dll [2018-12-04] (Cheetah Mobile,Inc.)
ContextMenuHandlers2: [Ulead UDF Driver] -> {DBD8E168-244D-448C-9922-25508950D1DC} => c:\Program Files\Common Files\Ulead Systems\DVD\USIShex.dll [2010-05-17] (Ulead Systems, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [cm_32bit] -> {D84432AF-3514-45a1-BD9C-1D6767EACD2E} => c:\program files\cmcm\Clean Master\cmmenu.dll [2018-12-04] (Cheetah Mobile,Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers5: [cm_32bit] -> {D84432AF-3514-45a1-BD9C-1D6767EACD2E} => c:\program files\cmcm\Clean Master\cmmenu.dll [2018-12-04] (Cheetah Mobile,Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [FMMenuExt] -> {47C91696-894C-46A1-B196-2C7CA1952F45} => C:\Program Files\Folder Marker\ShellExt.dll [2011-02-21] (ArcticLine Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1107837428-173974533-547177936-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-1107837428-173974533-547177936-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-1107837428-173974533-547177936-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll [2019-01-22] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01ED3DE4-15E3-4C9B-B3DE-96DA2A0D355F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {0712D985-FE50-4453-B711-9D787D886FEE} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {07179D13-E66C-46EF-B110-08146447A745} - System32\Tasks\{8F2614C1-3FFC-494C-BC47-D86A387D14E8} => D:\Moto assistant\moto_assistant.exe
Task: {071AF25E-B60B-4FCA-8981-25D12B236763} - System32\Tasks\Wise Turbo Checker => C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe
Task: {07D157A6-F2A9-4817-9032-EF93B041B640} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-25] (Microsoft Corporation)
Task: {0A08A316-66F2-4AA5-ADBF-E2438F3D0413} - System32\Tasks\iFreeUp_SkipUac_MM => C:\Program Files\IObit\iFreeUp\iFreeUp.exe [2016-09-30] (IObit)
Task: {1318318C-B062-4104-B502-00C5EC64EB1B} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1D1A9997-EBAB-40FB-AC0F-5178079738CE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2019-01-10] (Piriform Software Ltd)
Task: {1FACA2EA-3A11-474F-9EBC-8D91D7C5572A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {1FE28DED-329D-4F65-977E-DE59183223D5} - System32\Tasks\0 => c:\program files\internet explorer\iexplore.exe <==== ATTENTION
Task: {208CA118-8788-49EB-B846-3EFBF2CFD43A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1107837428-173974533-547177936-1000UA1d23700d63cd2e5 => C:\Users\MM\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {219160E8-9BC2-4C75-A32D-5E7F45EB300F} - System32\Tasks\{F4E84B67-15CC-4DBE-9631-D6B35D4011DA} => D:\Moto assistant\moto_assistant.exe
Task: {2364558B-67A7-4298-B5D3-3F6FB52D3F91} - System32\Tasks\{3AB31FA7-CE4F-4D65-8517-DE35CEA7E3DD} => C:\Program Files\Nero\Nero8\Nero StartSmart\NeroStartSmart.exe
Task: {25A498BD-8098-49DC-870B-3613C5B94F05} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {27989409-20A1-43B9-BD99-961FDBF324A6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-25] (Microsoft Corporation)
Task: {2CBCF887-D1AB-4D15-85AA-4A73E5155C7C} - System32\Tasks\FastVD_UpdateSchedule => C:\Program Files\FastPcTools\Fast VD\FastVD.exe [2019-01-22] (FastPcTools)
Task: {2DCC3557-789E-4D24-9A6D-B60D854D9F67} - System32\Tasks\{8FF442D8-7B89-4DD7-947A-7FFE80B34223} => C:\Program Files\YTD\ytd.exe [2017-02-18] (Pepak)
Task: {2FE4A017-FE2F-4D00-9B8B-2CBD0F075A82} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {31B00E04-DDD9-4E54-AC62-C01C4CDA2198} - System32\Tasks\{536ADA85-2327-4875-816E-2FC301FCC930} => D:\Moto assistant\moto_assistant.exe
Task: {33452792-50BF-4969-AAFD-25FA918E5CC0} - System32\Tasks\{BCD55362-CA17-4697-9E37-2F82DD989112} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {351B558B-8867-4BBA-B6CC-86E3132CAA42} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {42EF8D36-E395-43F5-A917-F2E7E58807A7} - System32\Tasks\{04F80CDE-96C0-4E7C-BC06-D55B3DF87646} => D:\Moto assistant\moto_assistant.exe
Task: {460E75F3-CAB2-4030-9B9D-6D771A5C725D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {46316DF1-49AE-4757-B3F2-9CA570630CE5} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {481E93A2-BA19-41F3-8DE9-D341D1F3CAF1} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {48E5913B-1814-4107-93FE-76B6C1B776F6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {51BBDED5-0944-459A-B88E-D5700EB7E934} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {58E10C5E-B5DA-4A19-8169-46B96C322ABF} - System32\Tasks\{BE11830D-5D39-4883-94CE-41DB18416871} => C:\WINDOWS\system32\pcalua.exe -a E:\RUN.EXE -d E:\
Task: {602BC834-5E89-4C76-90EE-5A8BA36066C2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {615C78BA-B0D6-4DE1-B0AD-80215B2731EE} - System32\Tasks\{538C4725-558A-4E9C-9854-9D7A0A28C8DB} => D:\Moto assistant\moto_assistant.exe
Task: {67328526-A8A1-40E9-A96A-D19C56389274} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {6D76744C-87A8-4A4C-840D-C23B897F45E9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {6EF66273-B9FC-4353-BB94-43D4D781FCD0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {79959071-1690-4155-A20B-2BB5E9AA8FFE} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7DB71736-E456-4692-895E-9C980141987E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7F5D07C7-45DA-4443-9CF6-6BAC5D94D9E4} - System32\Tasks\{CEA3E276-9CDF-4969-BF1F-E8FCF2D65B76} => C:\Program Files\YTD\ytd.exe [2017-02-18] (Pepak)
Task: {80DDDB1D-4A16-4EBE-9CBC-891540C68512} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8467253F-659D-4A0B-83A8-BC5C706A525F} - System32\Tasks\{D10ED8DF-AD18-48B8-9337-68AD77E32E25} => D:\Moto assistant\moto_assistant.exe
Task: {85A9D872-23BA-487A-AB36-371AD6A8C2EA} - System32\Tasks\Opera scheduled Autoupdate 1439041970 => C:\Program Files\Opera\launcher.exe
Task: {88E54489-E1BD-42E0-A2A6-5424B7DAB037} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2019-01-14] ()
Task: {8D3D8817-9BEA-47F2-B9D9-A51A1B335527} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {90102B4B-34D2-4533-9ACB-D277DA1B6176} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {90620059-8266-45FF-BBF4-F131B1440849} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1107837428-173974533-547177936-1000Core1d23700d5e5af58 => C:\Users\MM\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {942E6BD6-F24D-4B48-8A54-17F678296A5F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {98F7DE2E-5797-45E9-91AA-A699EEAE8199} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {9992BC0B-20A5-4BF8-A6FB-92845CA04CAC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-01-10] (Piriform Ltd)
Task: {A410964E-C191-481B-950C-C6D7EC370646} - System32\Tasks\{D090E77D-BDE5-4445-8E79-9EA5C9ED3BF9} => C:\Program Files\CyberLink\PowerDirector12\PDR12.exe
Task: {A7065E4A-C932-4CA7-809D-67E9AA27C425} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B4BE7187-A7DE-41C0-9194-09F9D119D65F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B7AEFC48-709B-4B54-91E9-EA21D4D01BC1} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BCF0BAA4-BF12-4602-870A-947E9545E3D1} - System32\Tasks\{33FC4677-F90D-49E3-90AB-108286B51A8F} => C:\Windows\system32\pcalua.exe -a C:\Users\MM\Downloads\Nokia_PC_Suite_ALL.exe -d C:\Users\MM\Downloads
Task: {BD939D5C-46FE-4024-938B-FBDB4A01F755} - System32\Tasks\{63821440-5E8F-4395-8239-7A7F4AAE0088} => D:\Moto assistant\moto_assistant.exe
Task: {C11CC6AA-4AA1-4D19-9D75-CEA408C1B5FE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2019-01-28] (AVAST Software)
Task: {C213EF7B-5958-4F69-B15B-D4F929D4FE7C} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {CA23E944-C3CD-43B3-8882-00821F191CB1} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {CBA7F6FB-5D82-4F34-A776-69F0AA1A9348} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {D137E099-C1FD-42CD-AE69-A58F552B88A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-25] (Microsoft Corporation)
Task: {D2280D07-2B86-4F16-A5E5-8A82BCADA511} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {D3259BE8-390F-42C5-9818-D65F9269A5A7} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D82A1300-82C9-4D9E-8452-1E50B0DC0618} - System32\Tasks\{B5E11160-18DD-4831-A4B3-6AE0485CCDA3} => D:\Moto assistant\moto_assistant.exe
Task: {DA98BE3E-43AB-43EB-BC31-D6202F57DD7D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-25] (Microsoft Corporation)
Task: {DADF6054-162D-4FA1-869C-4134956ADA57} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DBCD14AF-8B32-4C20-86F8-5548FE42D806} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DF17705F-16E4-4E4F-BFCF-F3C2A89DC726} - \Torntv 2-updater -> No File <==== ATTENTION
Task: {E060CDEE-2E00-4A30-9A01-40889EC9471A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E2DE0780-D289-4DFC-93F5-E8D9FF5EABF2} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E60E28F6-5C44-4C15-9199-68C5186160FB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F23D08D4-CAF9-4EE5-8AA8-E359CDCC5A4B} - System32\Tasks\{26226D52-E207-422E-8EE0-6B13AC05E33A} => D:\Moto assistant\moto_assistant.exe
Task: {F89F8646-382D-4BF3-BDD8-18D1285A480A} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FA4677CD-F9EC-47DC-9C8A-DC71D2EEC9A3} - System32\Tasks\{84F07497-72BB-41B9-92BA-11DAEC4BC5E6} => C:\Windows\system32\pcalua.exe -a E:\Data\Install\mapsource\MapSource_6156.exe -d E:\Data\Install\mapsource

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1107837428-173974533-547177936-1000Core1d23700d5e5af58.job => C:\Users\MM\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1107837428-173974533-547177936-1000UA1d23700d63cd2e5.job => C:\Users\MM\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\Wise Turbo Checker.job => C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":
WMI:subscription\__EventFilter->BVTFilter:
WMI:subscription\CommandLineEventConsumer->BVTConsumer:

Shortcut: C:\Users\MM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com
Shortcut: C:\Users\MM\AppData\Roaming\Microsoft\Windows\Network Shortcuts\www.emcos.cz\target.lnk -> hxxp://www.emcos.c
Shortcut: C:\Users\MM\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Webové servery ve službě MSN\target.lnk -> hxxp://www.msnusers.co

==================== Loaded Modules (Whitelisted) ==============

2016-10-25 21:57 - 2009-07-31 02:44 - 000176235 _____ () C:\WINDOWS\System32\Primomonnt.dll
2018-05-12 19:38 - 2014-10-16 09:26 - 000622880 _____ () C:\Program Files\IObit\LiveUpdate\ProductStatistics.dll
2015-02-04 17:41 - 2014-08-22 09:16 - 000942576 _____ () C:\Program Files\Common Files\Appkeys\yytool.exe
2017-12-08 01:49 - 2017-12-08 01:49 - 000076088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-06-23 05:56 - 2018-06-23 05:56 - 001042232 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-12-18 09:57 - 2016-10-27 12:13 - 000114664 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-12-18 09:58 - 2016-10-27 12:13 - 000024040 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-12-18 09:58 - 2016-10-27 12:13 - 000048104 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-12-18 09:58 - 2016-10-27 12:13 - 000108008 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-03-18 06:41 - 2016-03-18 06:41 - 000248840 _____ () C:\Program Files\Synology\Assistant\UsbClientService.exe
2018-04-11 21:29 - 2018-04-11 21:29 - 000364200 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-05-12 19:38 - 2013-01-15 17:48 - 000348992 _____ () C:\Program Files\IObit\iFreeUp\madExcept_.bpl
2018-05-12 19:38 - 2013-01-15 17:48 - 000183616 _____ () C:\Program Files\IObit\iFreeUp\madBasic_.bpl
2018-05-12 19:38 - 2013-01-15 17:48 - 000051008 _____ () C:\Program Files\IObit\iFreeUp\madDisAsm_.bpl
2018-05-12 19:38 - 2015-07-29 13:12 - 000561952 _____ () C:\Program Files\IObit\iFreeUp\SQLite3.dll
2018-04-11 21:29 - 2018-04-11 21:29 - 000308224 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-02 16:36 - 2018-11-09 02:26 - 001671168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-01-28 08:25 - 2019-01-09 06:22 - 001609216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-06 01:02 - 2018-07-06 01:02 - 000076088 _____ () C:\Program Files\iTunes\zlib1.dll
2018-07-06 01:02 - 2018-07-06 01:02 - 001042232 _____ () C:\Program Files\iTunes\libxml2.dll
2016-09-26 09:47 - 2011-08-09 14:22 - 000450560 _____ () C:\Program Files\OLYMPUS\OLYMPUS Viewer 3\OSLite.dll
2016-09-26 09:47 - 2016-08-26 15:41 - 000014848 _____ () C:\Program Files\OLYMPUS\OLYMPUS Viewer 3\Tracer.dll
2016-09-26 09:47 - 2016-05-31 09:41 - 000122880 _____ () C:\Program Files\OLYMPUS\OLYMPUS Viewer 3\OlyPalm.dll
2019-01-10 11:01 - 2019-01-10 11:01 - 000093648 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2019-01-23 21:39 - 2019-01-22 14:14 - 001213768 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2019-01-23 21:39 - 2019-01-22 14:14 - 002103112 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\dropbox_crashpad.dll
2019-01-09 07:30 - 2019-01-22 14:16 - 000023376 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\tornado.speedups.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000025456 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000148968 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\_cffi_backend.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 001878888 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000025960 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:14 - 000118232 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\pywintypes36.dll
2019-01-09 07:30 - 2019-01-22 14:14 - 000109024 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32api.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000082760 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\fastpath.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:14 - 000418776 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\pythoncom36.dll
2019-01-23 21:39 - 2019-01-22 14:15 - 000074072 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000027616 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32event.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000049128 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32process.cp36-win32.pyd
2019-01-09 07:30 - 2019-01-22 14:14 - 000026600 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32clipboard.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000131552 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32file.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000182752 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32gui.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000027616 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32pipe.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000119272 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32security.cp36-win32.pyd
2019-01-09 07:30 - 2019-01-22 14:16 - 000401752 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32com.shell.shell.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000028640 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32job.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:16 - 000034664 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:17 - 000062304 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winshell.compiled._winshell.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:14 - 000023520 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\mmapfile.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 001457488 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\dbxlog._dbxlog.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000027488 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\crashpad.compiled._Crashpad.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000053736 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32service.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000065504 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32evtlog.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000025944 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:16 - 000068968 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winenumhandles.compiled._WinEnumHandles.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:17 - 000028520 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000032224 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32ts.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 001755472 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000101200 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt592.sip.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 001885520 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000523600 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 003755344 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000061408 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32print.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000169304 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000061784 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineCore.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000042840 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000202584 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000117584 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000214872 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000099664 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtWinExtras.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:17 - 000029544 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winffi.shell32.compiled._winffi_shell32.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:17 - 000028008 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:17 - 000033632 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winreindex.compiled._winreindex.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000027624 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\win32profile.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:16 - 000025960 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:17 - 000025448 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:17 - 000025960 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000031600 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:14 - 000486880 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winxpgui.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:17 - 000051552 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:17 - 000029040 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 011941712 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\nucleus_python.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000029024 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:14 - 000036312 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\librsync.dll
2019-01-23 21:39 - 2019-01-22 14:15 - 000036712 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000272208 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2019-01-09 07:31 - 2019-01-22 14:16 - 000025960 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winffi.advapi32.compiled._winffi_advapi32.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000433992 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2019-01-09 07:31 - 2019-01-22 14:16 - 000038240 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\wind3d11.compiled._wind3d11.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000026432 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\libEGL.DLL
2019-01-23 21:39 - 2019-01-22 14:15 - 001967936 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2019-01-09 07:31 - 2019-01-22 14:16 - 000095592 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:17 - 000025960 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winffi.shcore.compiled._winffi_shcore.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000054096 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngine.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:17 - 000029544 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.cp36-win32.pyd
2019-01-09 07:31 - 2019-01-22 14:16 - 000025448 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\winffi.gdi32.compiled._winffi_gdi32.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000557392 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.cp36-win32.pyd
2019-01-23 21:39 - 2019-01-22 14:15 - 000335184 _____ () C:\Users\MM\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.cp36-win32.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:5F64C164 [246]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1107837428-173974533-547177936-1000\Software\Classes\.scr: AutoCADScriptFile =>

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2013-11-02 08:39 - 000000098 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\7-Zip;C:\Program Files\Calibre2\;c:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\Leawo\Youtube Download;C:\Program Files\Windows Live\Shared;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1107837428-173974533-547177936-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: HlidacKatastru => C:\Program Files\Hlídač katastru\DRM.WinKlient.exe -h
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\StartupApproved\Run: => "FastVD"
HKU\S-1-5-21-1107837428-173974533-547177936-1000\...\StartupApproved\Run: => "GarminExpress"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0E339DC1-B468-41C4-BD82-30F54B65EA6D}] => (Allow) C:\Program Files\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft)
FirewallRules: [{99331D34-DD80-4929-A43F-B221B5DC4AC6}] => (Allow) C:\Program Files\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft)
FirewallRules: [UDP Query User{D29F35AC-8CB8-4A8A-B257-D42A3688B4BB}C:\program files\apowersoft\apowersoft phone manager\apowersoft phone manager.exe] => (Allow) C:\program files\apowersoft\apowersoft phone manager\apowersoft phone manager.exe (Apowersoft)
FirewallRules: [TCP Query User{E055B640-242E-431A-A153-E325AF746A60}C:\program files\apowersoft\apowersoft phone manager\apowersoft phone manager.exe] => (Allow) C:\program files\apowersoft\apowersoft phone manager\apowersoft phone manager.exe (Apowersoft)
FirewallRules: [UDP Query User{4A1500E3-5667-498B-8D43-B6489FFE0A69}C:\program files\cobian backup 11\cbremotemanager.exe] => (Block) C:\program files\cobian backup 11\cbremotemanager.exe (Luis Cobian, CobianSoft)
FirewallRules: [TCP Query User{40E037D7-6F2B-4189-9BE7-E37F1E2DB346}C:\program files\cobian backup 11\cbremotemanager.exe] => (Block) C:\program files\cobian backup 11\cbremotemanager.exe (Luis Cobian, CobianSoft)
FirewallRules: [{8343F31A-BC8F-4C83-B857-E2FB040DBE3F}] => (Block) C:\program files\synology\assistant\dsassistant.exe ()
FirewallRules: [{AED0E5FA-71B1-4E22-928B-E9D247E7B95E}] => (Block) C:\program files\synology\assistant\dsassistant.exe ()
FirewallRules: [UDP Query User{5DE9AB23-5DE3-4A66-B853-CC67D70BD9AD}C:\program files\synology\assistant\dsassistant.exe] => (Allow) C:\program files\synology\assistant\dsassistant.exe ()
FirewallRules: [TCP Query User{41279818-49EE-4195-A01D-3F257F5C7EE4}C:\program files\synology\assistant\dsassistant.exe] => (Allow) C:\program files\synology\assistant\dsassistant.exe ()
FirewallRules: [{E7F08B04-7434-4DA7-B100-79A0DB9F8920}] => (Allow) C:\Program Files\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time)
FirewallRules: [{8B772970-C882-4226-858D-1017B18CA9AA}] => (Allow) C:\Program Files\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time)
FirewallRules: [{BE8ED0EF-4D3F-4606-BA34-B6D0F061C69A}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.)
FirewallRules: [{091EFB90-4805-4B11-9AB3-AA75F3869E4B}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd.)
FirewallRules: [{6017979C-D4CB-48A1-9277-17695A94E891}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd.)
FirewallRules: [{B126D26E-619C-4F7B-AC0D-C8C91A031072}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.)
FirewallRules: [{E38E73B7-FCDF-426B-95AC-CB226E197597}] => (Allow) LPort=1900
FirewallRules: [{02A879B1-E36E-43EA-8678-90ED146589E2}] => (Allow) LPort=2869
FirewallRules: [{F48C6EF3-4CD4-45AE-879B-32BD60FF986D}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
FirewallRules: [{1FAA4430-FABA-42CD-8EB3-61F10AA24234}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{005F165C-79A5-4ADF-A049-0098A021C0F9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{4EF9BDFF-FBC5-4BD8-BC7F-3000E42DB49D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{9D61517A-6703-4F4F-A919-6F3C5FE08979}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{DDA36739-C154-4DD8-8910-55B06D0EE5B0}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe (Nokia)
FirewallRules: [UDP Query User{B5F3F141-24E0-4E6B-A305-478FEBDD291A}C:\users\mm\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\mm\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc.)
FirewallRules: [TCP Query User{A614E994-D491-47FB-99A2-2A44A078A47D}C:\users\mm\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\mm\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc.)
FirewallRules: [UDP Query User{C079928A-0D89-45A1-BD12-D24D5BEEA92F}C:\program files\leawo\video converter ultimate\loadingscreen.exe] => (Allow) C:\program files\leawo\video converter ultimate\loadingscreen.exe (Leawo Software)
FirewallRules: [TCP Query User{0B0A1F00-8D12-4EDE-BB1D-C29968365323}C:\program files\leawo\video converter ultimate\loadingscreen.exe] => (Allow) C:\program files\leawo\video converter ultimate\loadingscreen.exe (Leawo Software)
FirewallRules: [UDP Query User{1D79CE16-946C-4419-A042-D68A9E01BC4B}C:\program files\common files\nokia\fuse\fuse.exe] => (Allow) C:\program files\common files\nokia\fuse\fuse.exe No File
FirewallRules: [TCP Query User{7F1D6150-4650-4E73-9847-30E2B605CF1F}C:\program files\common files\nokia\fuse\fuse.exe] => (Allow) C:\program files\common files\nokia\fuse\fuse.exe No File
FirewallRules: [UDP Query User{BF71FF11-137A-44ED-9458-8D5DA7D18065}C:\program files\common files\nokia\fuse\fuseservice.exe] => (Allow) C:\program files\common files\nokia\fuse\fuseservice.exe No File
FirewallRules: [TCP Query User{3FA63A09-2A5C-4372-9EEA-AA5677204284}C:\program files\common files\nokia\fuse\fuseservice.exe] => (Allow) C:\program files\common files\nokia\fuse\fuseservice.exe No File
FirewallRules: [{D7177E80-BC81-4E55-A86D-2E21E2F4CE80}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe (Nokia)
FirewallRules: [{368B0482-E029-4D92-8484-48F029003E25}] => (Allow) C:\Program Files\Winamp\winamp.exe (Winamp SA)
FirewallRules: [{E29EEBEC-8F47-4118-891A-9FB9D8994B4A}] => (Allow) C:\Program Files\Winamp\winamp.exe (Winamp SA)
FirewallRules: [{E8FEFB77-3861-4193-8935-D8BD0FCD4A29}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
FirewallRules: [{4031D7B6-4280-4598-B337-AC3717D6B613}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
FirewallRules: [UDP Query User{D8F6E4E1-FE78-4E29-B75D-28277C542EE4}C:\totalcmd\totalcmd.exe] => (Block) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH)
FirewallRules: [TCP Query User{7A600E21-C74D-40FB-B6E1-FC2D4FC9D162}C:\totalcmd\totalcmd.exe] => (Block) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH)
FirewallRules: [{E408802B-6D44-49B6-BCF3-2FA63088C31B}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe (Nokia)
FirewallRules: [{D015FA8F-C43E-4D5D-8E26-C782B01C069C}] => (Allow) C:\Users\MM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
FirewallRules: [{E9E8DE2D-76A8-40E9-8A6F-5D9AF0C68925}] => (Allow) C:\Users\MM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
FirewallRules: [{D8921C04-31F4-446D-8CD8-89D86FC04EE6}] => (Allow) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
FirewallRules: [{B2D2F422-90E5-4974-8FA2-60170613AC04}] => (Allow) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
FirewallRules: [{1A692052-A7B2-46C7-95AD-20F7B746F60E}] => (Allow) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
FirewallRules: [{E46FDE2C-35F0-4838-A6A6-0F379F7C5AAE}] => (Allow) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
FirewallRules: [UDP Query User{76999890-ED78-4F20-8D67-C214BCCEA2EC}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe (Winamp SA)
FirewallRules: [TCP Query User{56104883-A540-47B1-8130-FD2BEAFD9062}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe (Winamp SA)
FirewallRules: [{E6ED5A8F-2A55-40E4-8041-4F62A7048956}] => (Allow) C:\Program Files\Scanitto Pro\scanittopro.exe (Masters ITC Software)
FirewallRules: [{D2FF3C48-6181-4702-A0E1-175D6892795B}] => (Allow) C:\Program Files\Scanitto Pro\scanittopro.exe (Masters ITC Software)
FirewallRules: [{7720ECB6-06BD-4231-9101-CFC462D60CF4}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
FirewallRules: [{19CFD158-DE51-4190-AF07-BE2321C832B5}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
FirewallRules: [{CEEBEE20-51BC-475F-BE7D-1E0D1AB2EB3D}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{65D032D7-1295-4F5A-B1AE-B3FB1098348D}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{4526A5E5-0BA6-4D58-908A-ADF737B9541A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{1CBCEC77-0A61-425F-B841-5FD01164642D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{00D7B94D-FE6A-4CBC-BA10-C11302984B42}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)

==================== Restore Points =========================

28-01-2019 08:24:16 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/28/2019 02:47:03 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: MM-PC)
Description: httphttp-2147467263

Error: (01/28/2019 02:39:46 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny IMultiInterfaceEventControl::GetSubscriptions došlo k neočekávané chybě. hr= 0x80010108, Vyvolaný objekt se odpojil od svých klientů.
.

Error: (01/28/2019 02:14:09 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c172047e-44cd-4d2e-a413-4833275a588c}

Error: (01/28/2019 02:14:09 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {7e47b561-971a-46e6-96b9-696eeaa53b2a}
Název modulu pro zápis: MSMQ Writer (MSMQ)
Název instance zapisovače: MSMQ Writer (MSMQ)
ID instance modulu pro zápis: {0d75b489-182c-4d3b-b9ad-f1b99991ff14}

Error: (01/28/2019 02:13:17 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c172047e-44cd-4d2e-a413-4833275a588c}

Error: (01/28/2019 02:13:17 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {7e47b561-971a-46e6-96b9-696eeaa53b2a}
Název modulu pro zápis: MSMQ Writer (MSMQ)
Název instance zapisovače: MSMQ Writer (MSMQ)
ID instance modulu pro zápis: {0d75b489-182c-4d3b-b9ad-f1b99991ff14}

Error: (01/28/2019 02:11:51 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {7e47b561-971a-46e6-96b9-696eeaa53b2a}
Název modulu pro zápis: MSMQ Writer (MSMQ)
Název instance zapisovače: MSMQ Writer (MSMQ)
ID instance modulu pro zápis: {0d75b489-182c-4d3b-b9ad-f1b99991ff14}

Error: (01/28/2019 02:11:51 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {c172047e-44cd-4d2e-a413-4833275a588c}


System errors:
=============
Error: (01/28/2019 02:45:24 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.

Error: (01/28/2019 02:44:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/28/2019 02:44:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/28/2019 02:41:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba NetTcpActivator závisí na službě NetTcpPortSharing, která neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/28/2019 02:41:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NetTcpPortSharing neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/28/2019 02:41:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby NetTcpPortSharing bylo dosaženo časového limitu (30000 ms).

Error: (01/28/2019 02:40:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba NetMsmqActivator závisí na službě WAS, která neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/28/2019 02:40:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba W3SVC závisí na službě WAS, která neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.


Windows Defender:
===================================
Date: 2019-01-25 13:13:54.098
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Detplock
ID: 2147680291
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_D:\DATA_07 Instalace\PC údržba_instal\pc-decrapifier-3.0.1.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: MM-PC\MM
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.285.113.0, AS: 1.285.113.0, NIS: 1.285.113.0
Verze modulu: AM: 1.1.15600.4, NIS: 1.1.15600.4

Date: 2019-01-12 15:02:05.631
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: BrowserModifier:Win32/Prifou
ID: 224074
Závažnost: Vysoké
Kategorie: Program měnící nastavení prohlížeče
Cesta: file:_C:\Users\MM\AppData\Local\Temp\tmp7750947\tufitede.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: MM-PC\MM
Název procesu: C:\Windows\System32\cmd.exe
Verze podpisu: AV: 1.283.2788.0, AS: 1.283.2788.0, NIS: 1.283.2788.0
Verze modulu: AM: 1.1.15500.2, NIS: 1.1.15500.2

Date: 2019-01-04 08:31:02.270
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Detplock
ID: 2147680291
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\MM\Downloads\pc-decrapifier-3.0.1.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: MM-PC\MM
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.283.2194.0, AS: 1.283.2194.0, NIS: 1.283.2194.0
Verze modulu: AM: 1.1.15500.2, NIS: 1.1.15500.2

CodeIntegrity:
===================================

Date: 2019-01-28 14:04:31.470
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-28 14:04:31.363
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-28 14:04:31.117
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-28 14:04:31.072
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-28 14:04:26.047
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-28 14:04:22.767
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-23 17:04:24.828
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\AcSignIcon.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-23 17:04:24.746
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume1\Users\MM\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q9300 @ 2.50GHz
Percentage of memory in use: 51%
Total physical RAM: 3326.49 MB
Available physical RAM: 1599.23 MB
Total Virtual: 6654.49 MB
Available Virtual: 4824.7 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.32 GB) (Free:191.29 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DISK) (Fixed) (Total:931.28 GB) (Free:110.87 GB) FAT32

\\?\Volume{8f4a8f4a-0000-0000-0000-805474000000}\ () (Fixed) (Total:0.44 GB) (Free:0.13 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 8F4A8F4A)
Partition 1: (Active) - (Size=465.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449 MB) - (Type=27)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 8F598F59)
Partition 1: (Active) - (Size=931.5 GB) - (Type=0C)

==================== End of Addition.txt ============================

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o preventivní kontrolu, děkuji.

#7 Příspěvek od Diallix »

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

CloseProcesses:

(IObit) C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
(IObit) C:\Program Files\IObit\iFreeUp\iFreeUpMini.exe
C:\Program Files\IObit
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.gmx.com/start?src=p_jkld ... &p_w=y2w02
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-1107837428-173974533-547177936-1000\Software\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKLM -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxps://search.gmx.com/web/result?origi ... w=y2w02&q={searchTerms}
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxps://search.gmx.com/web/result?origi ... w=y2w02&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1107837428-173974533-547177936-1000 -> DefaultScope {A474C13C-4057-4FF7-8A1B-4B67CD52B1B8} URL = 
FF Homepage: Mozilla\Firefox\Profiles\fkn1jbez.default-1517395260472 -> hxxps://search.gmx.com/start?src=p_jkld ... &p_w=y2w02
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor\saffplg.xpi => not found
FF HKLM\...\Firefox\Extensions: [AllMyTube@Wondershare.com] - C:\ProgramData\Wondershare\AllMyTube\AllMyTube@Wondershare.com_xpi => not found
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [No File]
U3 idsvc; no ImagePath
2013-02-07 13:22 - 2013-02-07 13:22 - 000050330 _____ () C:\Program Files\AntiDust.exe
R2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-29] (IObit)
Task: {0A08A316-66F2-4AA5-ADBF-E2438F3D0413} - System32\Tasks\iFreeUp_SkipUac_MM => C:\Program Files\IObit\iFreeUp\iFreeUp.exe [2016-09-30] (IObit)
2018-05-12 19:38 - 2014-10-16 09:26 - 000622880 _____ () C:\Program Files\IObit\LiveUpdate\ProductStatistics.dll
2018-05-12 19:38 - 2013-01-15 17:48 - 000348992 _____ () C:\Program Files\IObit\iFreeUp\madExcept_.bpl
2018-05-12 19:38 - 2013-01-15 17:48 - 000183616 _____ () C:\Program Files\IObit\iFreeUp\madBasic_.bpl
2018-05-12 19:38 - 2013-01-15 17:48 - 000051008 _____ () C:\Program Files\IObit\iFreeUp\madDisAsm_.bpl
2018-05-12 19:38 - 2015-07-29 13:12 - 000561952 _____ () C:\Program Files\IObit\iFreeUp\SQLite3.dll
Task: {0712D985-FE50-4453-B711-9D787D886FEE} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {1FE28DED-329D-4F65-977E-DE59183223D5} - System32\Tasks\0 => c:\program files\internet explorer\iexplore.exe <==== ATTENTION
Task: {25A498BD-8098-49DC-870B-3613C5B94F05} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {33452792-50BF-4969-AAFD-25FA918E5CC0} - System32\Tasks\{BCD55362-CA17-4697-9E37-2F82DD989112} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
ask: {48E5913B-1814-4107-93FE-76B6C1B776F6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {51BBDED5-0944-459A-B88E-D5700EB7E934} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {58E10C5E-B5DA-4A19-8169-46B96C322ABF} - System32\Tasks\{BE11830D-5D39-4883-94CE-41DB18416871} => C:\WINDOWS\system32\pcalua.exe -a E:\RUN.EXE -d E:\
Task: {B4BE7187-A7DE-41C0-9194-09F9D119D65F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {BCF0BAA4-BF12-4602-870A-947E9545E3D1} - System32\Tasks\{33FC4677-F90D-49E3-90AB-108286B51A8F} => C:\Windows\system32\pcalua.exe -a C:\Users\MM\Downloads\Nokia_PC_Suite_ALL.exe -d C:\Users\MM\Downloads
Task: {DF17705F-16E4-4E4F-BFCF-F3C2A89DC726} - \Torntv 2-updater -> No File <==== ATTENTION
Task: {FA4677CD-F9EC-47DC-9C8A-DC71D2EEC9A3} - System32\Tasks\{84F07497-72BB-41B9-92BA-11DAEC4BC5E6} => C:\Windows\system32\pcalua.exe -a E:\Data\Install\mapsource\MapSource_6156.exe -d E:\Data\Install\mapsource
Shortcut: C:\Users\MM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com
Shortcut: C:\Users\MM\AppData\Roaming\Microsoft\Windows\Network Shortcuts\www.emcos.cz\target.lnk -> hxxp://www.emcos.c
Shortcut: C:\Users\MM\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Webové servery ve službě MSN\target.lnk -> hxxp://www.msnusers.co
AlternateDataStreams: C:\ProgramData\Temp:5F64C164 [246]
FirewallRules: [UDP Query User{1D79CE16-946C-4419-A042-D68A9E01BC4B}C:\program files\common files\nokia\fuse\fuse.exe] => (Allow) C:\program files\common files\nokia\fuse\fuse.exe No File
FirewallRules: [TCP Query User{7F1D6150-4650-4E73-9847-30E2B605CF1F}C:\program files\common files\nokia\fuse\fuse.exe] => (Allow) C:\program files\common files\nokia\fuse\fuse.exe No File
FirewallRules: [UDP Query User{BF71FF11-137A-44ED-9458-8D5DA7D18065}C:\program files\common files\nokia\fuse\fuseservice.exe] => (Allow) C:\program files\common files\nokia\fuse\fuseservice.exe No File
FirewallRules: [TCP Query User{3FA63A09-2A5C-4372-9EEA-AA5677204284}C:\program files\common files\nokia\fuse\fuseservice.exe] => (Allow) C:\program files\common files\nokia\fuse\fuseservice.exe No File

Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

pcsolim
Návštěvník
Návštěvník
Příspěvky: 12
Registrován: 28 led 2019 13:23

Re: Prosím o preventivní kontrolu, děkuji.

#8 Příspěvek od pcsolim »

Fix result of Farbar Recovery Scan Tool (x86) Version: 27-01-2019
Ran by MM (28-01-2019 17:11:59) Run:1
Running from C:\Users\MM\Desktop
Loaded Profiles: MM (Available Profiles: MM & DefaultAppPool)
Boot Mode: Normal

==============================================

fixlist content:
*****************
CloseProcesses:

(IObit) C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
(IObit) C:\Program Files\IObit\iFreeUp\iFreeUpMini.exe
C:\Program Files\IObit
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.gmx.com/start?src=p_jkld ... &p_w=y2w02
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1107837428-173974533-547177936-1000\Software\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxps://search.gmx.com/web/result?origi ... w=y2w02&q={searchTerms}
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxps://search.gmx.com/web/result?origi ... w=y2w02&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1107837428-173974533-547177936-1000 -> DefaultScope {A474C13C-4057-4FF7-8A1B-4B67CD52B1B8} URL =
FF Homepage: Mozilla\Firefox\Profiles\fkn1jbez.default-1517395260472 -> hxxps://search.gmx.com/start?src=p_jkld ... &p_w=y2w02
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor\saffplg.xpi => not found
FF HKLM\...\Firefox\Extensions: [AllMyTube@Wondershare.com] - C:\ProgramData\Wondershare\AllMyTube\AllMyTube@Wondershare.com_xpi => not found
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [No File]
U3 idsvc; no ImagePath
2013-02-07 13:22 - 2013-02-07 13:22 - 000050330 _____ () C:\Program Files\AntiDust.exe
R2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-29] (IObit)
Task: {0A08A316-66F2-4AA5-ADBF-E2438F3D0413} - System32\Tasks\iFreeUp_SkipUac_MM => C:\Program Files\IObit\iFreeUp\iFreeUp.exe [2016-09-30] (IObit)
2018-05-12 19:38 - 2014-10-16 09:26 - 000622880 _____ () C:\Program Files\IObit\LiveUpdate\ProductStatistics.dll
2018-05-12 19:38 - 2013-01-15 17:48 - 000348992 _____ () C:\Program Files\IObit\iFreeUp\madExcept_.bpl
2018-05-12 19:38 - 2013-01-15 17:48 - 000183616 _____ () C:\Program Files\IObit\iFreeUp\madBasic_.bpl
2018-05-12 19:38 - 2013-01-15 17:48 - 000051008 _____ () C:\Program Files\IObit\iFreeUp\madDisAsm_.bpl
2018-05-12 19:38 - 2015-07-29 13:12 - 000561952 _____ () C:\Program Files\IObit\iFreeUp\SQLite3.dll
Task: {0712D985-FE50-4453-B711-9D787D886FEE} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {1FE28DED-329D-4F65-977E-DE59183223D5} - System32\Tasks\0 => c:\program files\internet explorer\iexplore.exe <==== ATTENTION
Task: {25A498BD-8098-49DC-870B-3613C5B94F05} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {33452792-50BF-4969-AAFD-25FA918E5CC0} - System32\Tasks\{BCD55362-CA17-4697-9E37-2F82DD989112} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
ask: {48E5913B-1814-4107-93FE-76B6C1B776F6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {51BBDED5-0944-459A-B88E-D5700EB7E934} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {58E10C5E-B5DA-4A19-8169-46B96C322ABF} - System32\Tasks\{BE11830D-5D39-4883-94CE-41DB18416871} => C:\WINDOWS\system32\pcalua.exe -a E:\RUN.EXE -d E:\
Task: {B4BE7187-A7DE-41C0-9194-09F9D119D65F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {BCF0BAA4-BF12-4602-870A-947E9545E3D1} - System32\Tasks\{33FC4677-F90D-49E3-90AB-108286B51A8F} => C:\Windows\system32\pcalua.exe -a C:\Users\MM\Downloads\Nokia_PC_Suite_ALL.exe -d C:\Users\MM\Downloads
Task: {DF17705F-16E4-4E4F-BFCF-F3C2A89DC726} - \Torntv 2-updater -> No File <==== ATTENTION
Task: {FA4677CD-F9EC-47DC-9C8A-DC71D2EEC9A3} - System32\Tasks\{84F07497-72BB-41B9-92BA-11DAEC4BC5E6} => C:\Windows\system32\pcalua.exe -a E:\Data\Install\mapsource\MapSource_6156.exe -d E:\Data\Install\mapsource
Shortcut: C:\Users\MM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com
Shortcut: C:\Users\MM\AppData\Roaming\Microsoft\Windows\Network Shortcuts\www.emcos.cz\target.lnk -> hxxp://www.emcos.c
Shortcut: C:\Users\MM\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Webov� servery ve slu�b� MSN\target.lnk -> hxxp://www.msnusers.co
AlternateDataStreams: C:\ProgramData\Temp:5F64C164 [246]
FirewallRules: [UDP Query User{1D79CE16-946C-4419-A042-D68A9E01BC4B}C:\program files\common files\nokia\fuse\fuse.exe] => (Allow) C:\program files\common files\nokia\fuse\fuse.exe No File
FirewallRules: [TCP Query User{7F1D6150-4650-4E73-9847-30E2B605CF1F}C:\program files\common files\nokia\fuse\fuse.exe] => (Allow) C:\program files\common files\nokia\fuse\fuse.exe No File
FirewallRules: [UDP Query User{BF71FF11-137A-44ED-9458-8D5DA7D18065}C:\program files\common files\nokia\fuse\fuseservice.exe] => (Allow) C:\program files\common files\nokia\fuse\fuseservice.exe No File
FirewallRules: [TCP Query User{3FA63A09-2A5C-4372-9EEA-AA5677204284}C:\program files\common files\nokia\fuse\fuseservice.exe] => (Allow) C:\program files\common files\nokia\fuse\fuseservice.exe No File

*****************

Processes closed successfully.
C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe => No running process found
C:\Program Files\IObit\iFreeUp\iFreeUpMini.exe => No running process found
C:\Program Files\IObit => moved successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully.
HKLM\Software\Classes\CLSID\{503739d0-4c5e-4cfd-b3ba-d881334f0df2} => not found
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKU\S-1-5-21-1107837428-173974533-547177936-1000\Software\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} => removed successfully.
HKLM\Software\Classes\CLSID\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} => not found
"HKU\S-1-5-21-1107837428-173974533-547177936-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
"Firefox homepage" => removed successfully.
"HKLM\Software\Mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}" => removed successfully.
"HKLM\Software\Mozilla\Firefox\Extensions\\AllMyTube@Wondershare.com" => removed successfully.
HKLM\Software\MozillaPlugins\@garmin.com/GpsControl => removed successfully.
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully.
idsvc => service removed successfully.
C:\Program Files\AntiDust.exe => moved successfully
HKLM\System\CurrentControlSet\Services\LiveUpdateSvc => removed successfully.
LiveUpdateSvc => service removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0A08A316-66F2-4AA5-ADBF-E2438F3D0413}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A08A316-66F2-4AA5-ADBF-E2438F3D0413}" => removed successfully.
C:\Windows\System32\Tasks\iFreeUp_SkipUac_MM => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iFreeUp_SkipUac_MM" => removed successfully.
"C:\Program Files\IObit\LiveUpdate\ProductStatistics.dll" => not found
"C:\Program Files\IObit\iFreeUp\madExcept_.bpl" => not found
"C:\Program Files\IObit\iFreeUp\madBasic_.bpl" => not found
"C:\Program Files\IObit\iFreeUp\madDisAsm_.bpl" => not found
"C:\Program Files\IObit\iFreeUp\SQLite3.dll" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0712D985-FE50-4453-B711-9D787D886FEE}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0712D985-FE50-4453-B711-9D787D886FEE}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOONotify" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1FE28DED-329D-4F65-977E-DE59183223D5}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FE28DED-329D-4F65-977E-DE59183223D5}" => removed successfully.
C:\Windows\System32\Tasks\0 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{25A498BD-8098-49DC-870B-3613C5B94F05}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25A498BD-8098-49DC-870B-3613C5B94F05}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{33452792-50BF-4969-AAFD-25FA918E5CC0}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33452792-50BF-4969-AAFD-25FA918E5CC0}" => removed successfully.
C:\Windows\System32\Tasks\{BCD55362-CA17-4697-9E37-2F82DD989112} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BCD55362-CA17-4697-9E37-2F82DD989112}" => removed successfully.
ask: {48E5913B-1814-4107-93FE-76B6C1B776F6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51BBDED5-0944-459A-B88E-D5700EB7E934}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51BBDED5-0944-459A-B88E-D5700EB7E934}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{58E10C5E-B5DA-4A19-8169-46B96C322ABF}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58E10C5E-B5DA-4A19-8169-46B96C322ABF}" => removed successfully.
C:\Windows\System32\Tasks\{BE11830D-5D39-4883-94CE-41DB18416871} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BE11830D-5D39-4883-94CE-41DB18416871}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B4BE7187-A7DE-41C0-9194-09F9D119D65F}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4BE7187-A7DE-41C0-9194-09F9D119D65F}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BCF0BAA4-BF12-4602-870A-947E9545E3D1}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCF0BAA4-BF12-4602-870A-947E9545E3D1}" => removed successfully.
C:\Windows\System32\Tasks\{33FC4677-F90D-49E3-90AB-108286B51A8F} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{33FC4677-F90D-49E3-90AB-108286B51A8F}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DF17705F-16E4-4E4F-BFCF-F3C2A89DC726}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF17705F-16E4-4E4F-BFCF-F3C2A89DC726}" => removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Torntv 2-updater => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA4677CD-F9EC-47DC-9C8A-DC71D2EEC9A3}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA4677CD-F9EC-47DC-9C8A-DC71D2EEC9A3}" => removed successfully.
C:\Windows\System32\Tasks\{84F07497-72BB-41B9-92BA-11DAEC4BC5E6} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{84F07497-72BB-41B9-92BA-11DAEC4BC5E6}" => removed successfully.
C:\Users\MM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk => moved successfully
C:\Users\MM\AppData\Roaming\Microsoft\Windows\Network Shortcuts\www.emcos.cz\target.lnk => moved successfully
C:\Users\MM\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Webov� servery ve slu�b� MSN\target.lnk => not found.
C:\ProgramData\Temp => ":5F64C164" ADS removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1D79CE16-946C-4419-A042-D68A9E01BC4B}C:\program files\common files\nokia\fuse\fuse.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7F1D6150-4650-4E73-9847-30E2B605CF1F}C:\program files\common files\nokia\fuse\fuse.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BF71FF11-137A-44ED-9458-8D5DA7D18065}C:\program files\common files\nokia\fuse\fuseservice.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3FA63A09-2A5C-4372-9EEA-AA5677204284}C:\program files\common files\nokia\fuse\fuseservice.exe" => removed successfully.


The system needed a reboot.

==== End of Fixlog 17:12:32 ====

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o preventivní kontrolu, děkuji.

#9 Příspěvek od Diallix »

Dobre, urobte este nasledovne:

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

Task: {48E5913B-1814-4107-93FE-76B6C1B776F6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Shortcut: C:\Users\MM\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Webové servery ve službě MSN\target.lnk -> hxxp://www.msnusers.co
Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST, pricom zvolte Kodovanie na UTF-8 (skopirujte do poznamkoveho bloku -> Subor -> Ulozit ako -> Encoding/Kodovaniee: zvolte UTF-8 -> ulozit).
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

pcsolim
Návštěvník
Návštěvník
Příspěvky: 12
Registrován: 28 led 2019 13:23

Re: Prosím o preventivní kontrolu, děkuji.

#10 Příspěvek od pcsolim »

Fix result of Farbar Recovery Scan Tool (x86) Version: 27-01-2019
Ran by MM (28-01-2019 17:37:31) Run:2
Running from C:\Users\MM\Desktop
Loaded Profiles: MM (Available Profiles: MM & DefaultAppPool)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Task: {48E5913B-1814-4107-93FE-76B6C1B776F6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Shortcut: C:\Users\MM\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Webové servery ve službě MSN\target.lnk -> hxxp://www.msnusers.co
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{48E5913B-1814-4107-93FE-76B6C1B776F6}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48E5913B-1814-4107-93FE-76B6C1B776F6}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully.
C:\Users\MM\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Webové servery ve službě MSN\target.lnk => moved successfully

==== End of Fixlog 17:37:31 ====

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o preventivní kontrolu, děkuji.

#11 Příspěvek od Diallix »

Super.

Ako je na tom pocitac?
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Odpovědět