Zpomalené Windows 10
Napsal: 02 srp 2019 19:48
Ahoj, mohu požádat o prověření mého logu z pc WIN10 - příjde mi poslední dobou dost zpomalený. Děkuji moc. Roman.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-07-2019
Ran by Roman (administrator) on ROMANPCSTOLNI (02-08-2019 20:41:56)
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman & postgres (Available Profiles: Roman & postgres)
Platform: Windows 10 Pro Version 1803 17134.885 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.50.38.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Abstradrome -> ) C:\Program Files (x86)\HDD Regenerator\HDD Regenerator.exe
(Abstradrome -> ) C:\Program Files (x86)\HDD Regenerator\HDD Regenerator.exe
(Abstradrome -> ) C:\Program Files (x86)\HDD Regenerator\hrsrv.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(LLC Mail.Ru -> Mail.Ru) C:\Program Files (x86)\Mail.Ru\MailRuUpdater\MailRuUpdater.exe
(LLC Mail.Ru -> Mail.Ru) C:\Program Files (x86)\Mail.Ru\Update Service\mrupdsrv.exe
(LLC Mail.Ru -> Mail.Ru) C:\Users\Roman\AppData\Local\Mail.Ru\MailRuUpdater.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.ELSAWINDB\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Roman\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.50.38.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.881_none_eada7c8e1d8131a8\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera_crashreporter.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PacketVideo Corporation -> ) [File not signed] C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
(PacketVideo Corporation -> PacketVideo) [File not signed] C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
(PacketVideo Corporation -> PacketVideo) [File not signed] C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\pg_ctl.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(Realtek Semiconductor Corp -> Realtek) C:\Program Files (x86)\NETIS\USB Wireless LAN Utility\RtlService.exe
(Volkswagen AG) [File not signed] D:\ElsaWin\bin\LcSvrAdm.exe
(Volkswagen AG) [File not signed] D:\ElsaWin\bin\LcSvrAuf.exe
(Volkswagen AG) [File not signed] D:\ElsaWin\bin\LcSvrDba.exe
(Volkswagen AG) [File not signed] D:\ElsaWin\bin\LcSvrHis.exe
(Volkswagen AG) [File not signed] D:\ElsaWin\bin\LcSvrPas.exe
(Volkswagen AG) [File not signed] D:\ElsaWin\bin\LcSvrSaz.exe
(WZTeam -> MSFree Inc.) [File not signed] C:\ProgramData\KMSAutoS\bin\KMSSS.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [262024 2019-06-18] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4047480 2012-11-30] (VIA Technologies Inc. -> VIA)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [706392 2017-12-19] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2013-12-05] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [HDD Regenerator] => C:\Program Files (x86)\HDD Regenerator\Shell.exe [90336 2013-05-08] (Abstradrome -> )
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4047480 2012-11-30] (VIA Technologies Inc. -> VIA)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) [File not signed]
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2651452621-253113433-2049451952-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [5263040 2018-01-12] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-2651452621-253113433-2049451952-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-2651452621-253113433-2049451952-1001\...\Run: [GoogleDriveSync] => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-2651452621-253113433-2049451952-1001\...\Run: [Xvid] => WScript "C:\Program Files (x86)\Xvid\CheckUpdateLauncher.vbs" "C:\Program Files (x86)\Xvid\CheckUpdate.ps1"
HKU\S-1-5-21-2651452621-253113433-2049451952-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-2651452621-253113433-2049451952-1001\...\Run: [MailRuUpdater] => C:\Users\Roman\AppData\Local\Mail.Ru\MailRuUpdater.exe [3532472 2019-07-30] (LLC Mail.Ru -> Mail.Ru) <==== ATTENTION
HKU\S-1-5-21-2651452621-253113433-2049451952-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2651452621-253113433-2049451952-1001\...\MountPoints2: {04a3cb45-021c-11e8-877d-20cf3019fea6} - "J:\setup.exe"
HKU\S-1-5-21-2651452621-253113433-2049451952-1006\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.XVID] => C:\WINDOWS\system32\xvidvfw.dll [251392 2017-12-08] () [File not signed]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [235520 2017-12-08] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-23] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Twonky Server.lnk [2019-03-27]
ShortcutTarget: Twonky Server.lnk -> C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (PacketVideo Corporation -> PacketVideo) [File not signed]
Startup: C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar587.lnk [2018-05-15]
ShortcutTarget: Sidebar587.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {39A1B2C2-DDCF-426D-8EEC-E62B0ABB8295} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6450840 2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {3CA61047-2D9E-4161-835D-EF9C4F1F4B0E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {426C0F95-27F3-42A6-B615-719F81314AEE} - System32\Tasks\MailRuUpdater => C:\Users\Roman\AppData\Local\Mail.Ru\MailRuUpdater.exe [3532472 2019-07-30] (LLC Mail.Ru -> Mail.Ru) <==== ATTENTION
Task: {47BF93D7-FAF3-4CD4-8B3D-9175F322B29D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [154072 2019-07-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {61522D01-834A-4E85-961E-D3A815F0B343} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {61995F13-8F55-40BA-83CA-69123EEF307E} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-76OS37T-Roman => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {6C3CA610-B5B9-4E37-8DA6-1607BB3AB458} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-01-26] (Google Inc -> Google Inc.)
Task: {6E03FD6F-9708-43B2-9A47-77374A54316F} - System32\Tasks\Opera scheduled Autoupdate 1518342991 => C:\Program Files\Opera\launcher.exe [1519640 2019-07-24] (Opera Software AS -> Opera Software)
Task: {6F76F035-4E18-4C13-BBC2-3DCDFE2E5244} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2047368 2019-07-30] (AVAST Software s.r.o. -> AVAST Software)
Task: {80F00345-548D-409F-B300-96589FCF79B5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-10] (Adobe Inc. -> Adobe)
Task: {884AAB95-0C62-4AD5-83C5-D96BC1121070} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3940232 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {8AD2E2AF-4285-4714-8AB7-7F0CB71A5312} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-01-26] (Google Inc -> Google Inc.)
Task: {94A07625-4349-40A8-9606-2FEDDDB65AC3} - System32\Tasks\simplitec Power Suite => C:\Program Files (x86)\Nero\Nero TuneItUp\TuneItUp.exe [1750488 2018-07-19] (Nero AG -> Nero AG)
Task: {A7FB8686-81A4-42E3-BFE8-B12F25CA0357} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [7018264 2018-07-18] (Nero AG -> Nero AG)
Task: {BECD1FF9-6CF0-404C-B3AD-1AEC1A94B094} - System32\Tasks\ASUS Patch for VIA Audio => C:\WINDOWS\system32\AsPatchViaAudio.exe [160448 2012-11-07] (ASUSTeK Computer Inc. -> ASUSTek Computer INC.)
Task: {C0D6E8C7-768D-4193-B4EC-9DA086DDAF9B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [154072 2019-07-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {C273A340-146C-4303-A266-7D6F0ABD0413} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2651452621-253113433-2049451952-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [22016 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
Task: {CBB07E27-6441-44DE-9A10-7433208B0FD7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6450840 2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {CFDA9104-5DF4-49F3-AABC-593FD3DE0B0B} - System32\Tasks\AdobeGCInvoker-1.0-ROMANPCSTOLNI-Roman => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {D9774324-F193-4B35-8129-25BDC46413C0} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [8767160 2016-12-17] (WZTeam -> MSFree Inc.) [File not signed]
Task: {DFD2A452-FDD9-4591-8BE8-7444741ECAA4} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-10] (Adobe Inc. -> Adobe)
Task: {E705FDB6-1FCA-4863-841E-AF8F54867D7D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2206352 2019-07-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {EEF74FC1-54DC-4E27-BF57-51F9E047085C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27351864 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {F00FE203-686D-422F-8506-B42D538EC072} - System32\Tasks\simplitec Power Suite (Autopilot.exe) => C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe [1058776 2018-07-19] (Nero AG -> Nero AG)
Task: {F1F631A4-3C66-4D11-B72E-B4B8DDFCFFDE} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2206352 2019-07-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {F53EF18F-6E92-45DB-A229-8EF4D1BD3987} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {FE4322F1-E0D4-462C-B39A-E670619F1C3B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27351864 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\simplitec Power Suite (Autopilot.exe).job => C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe C:\Program Files (x86)\Nero\Nero TuneItUp\ROMANPCSTOLNI\Roman&simplitec Power Suite (Autopilot.exe
Task: C:\WINDOWS\Tasks\simplitec Power Suite.job => C:\Program Files (x86)\Nero\Nero TuneItUp\TuneItUp.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{09273f41-5daf-4fb2-a764-3fb9b3244b5f}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{75da9a98-fb9f-4c42-9b11-64868e5fca1b}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Internet Explorer:
==================
HKU\S-1-5-21-2651452621-253113433-2049451952-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mail.ru/cnt/10445?gp=834423
SearchScopes: HKU\S-1-5-21-2651452621-253113433-2049451952-1001 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxps://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B03C78D3A-BDA3-4F33-82F9-D82D07BE0DC0%7D&gp=811610
SearchScopes: HKU\S-1-5-21-2651452621-253113433-2049451952-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxps://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B03C78D3A-BDA3-4F33-82F9-D82D07BE0DC0%7D&gp=811610
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-07-23] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-03-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll [2019-04-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Search@Mail.Ru -> {8E8F97CD-60B5-456F-A201-73065652D099} -> C:\Users\Roman\AppData\Local\Mail.Ru\Sputnik\ie_addon_dll.dll [2019-07-30] (LLC Mail.Ru -> Mail.Ru)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-07-23] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-04-23] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: vw-wi - {0F3C833F-FB28-40EA-8CB9-6A55B996C3F6} - D:\ElsaWin\bin\wiprot.dll [2011-12-06] (TODO: <Company name>) [File not signed]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-07-23]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-04-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-04-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-03-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxps://inline.go.mail.ru/homepage?inline_comp=chxtnhp15.1.4.3&inline_hp_cnt=31463255
CHR StartupUrls: Default -> "hxxps://mail.ru/cnt/10445?gp=811610"
CHR NewTab: Default -> "chrome-extension://hjdkfkdkokphfploiiddakjokndinfgb/visual-bookmarks.html"
CHR DefaultSearchURL: Default -> hxxps://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B6B9843D5-779E-41FF-9F53-BD2007A5A05C%7D&gp=811610
CHR DefaultSearchKeyword: Default -> go.mail.ru
CHR DefaultSuggestURL: Default -> hxxps://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Profile: C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default [2019-07-30]
CHR Extension: (Slides) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-07]
CHR Extension: (Docs) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-07]
CHR Extension: (Google Drive) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-07]
CHR Extension: (YouTube) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-07]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-03-24]
CHR Extension: (Sheets) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-07]
CHR Extension: (YouTube Flash Video Player) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\fldkdmkgnlbehfgeifjpjabmandnchpe [2018-02-11]
CHR Extension: (Google Docs Offline) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-17]
CHR Extension: (Avast Online Security) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-03-24]
CHR Extension: (Визуальные закладки) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjdkfkdkokphfploiiddakjokndinfgb [2019-07-30]
CHR Extension: (Домашняя страница и поиск от Mail.Ru) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\iepoegkaoeljnbhagabakjodgpfniimo [2019-07-30]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-02-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-17]
CHR Extension: (Gmail) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-07]
CHR Extension: (Chrome Media Router) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-24]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2651452621-253113433-2049451952-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hjdkfkdkokphfploiiddakjokndinfgb] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iepoegkaoeljnbhagabakjodgpfniimo] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (Google Translate) - C:\Users\Roman\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2019-07-30]
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\Roman\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2019-08-02]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1364904 2017-12-19] (Autodesk, Inc. -> Autodesk Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [238080 2015-01-13] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6844776 2019-06-18] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [409224 2019-06-18] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-06-18] (AVAST Software s.r.o. -> AVAST Software)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11469920 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3480768 2018-01-12] (Disc Soft Ltd -> Disc Soft Ltd)
R2 hddrsrv; C:\Program Files (x86)\HDD Regenerator\hrsrv.exe [82144 2013-05-08] (Abstradrome -> )
R2 KMSEmulator; C:\ProgramData\KMSAutoS\bin\KMSSS.exe [35504 2016-11-05] (WZTeam -> MSFree Inc.) [File not signed]
R2 LcSvrAdm; D:\ElsaWin\bin\LcSvrAdm.exe [262656 2017-03-14] (Volkswagen AG) [File not signed]
R3 LcSvrAuf; D:\ElsaWin\bin\LcSvrAuf.exe [1352704 2017-03-14] (Volkswagen AG) [File not signed]
R2 LcSvrDba; D:\ElsaWin\bin\LcSvrDba.exe [435712 2017-03-14] (Volkswagen AG) [File not signed]
R2 LcSvrHis; D:\ElsaWin\bin\LcSvrHis.exe [387072 2017-03-14] (Volkswagen AG) [File not signed]
R2 LcSvrPAS; D:\ElsaWin\bin\LcSvrPas.exe [519680 2017-03-14] (Volkswagen AG) [File not signed]
R2 LcSvrSaz; D:\ElsaWin\bin\LcSvrSaz.exe [438784 2017-03-14] (Volkswagen AG) [File not signed]
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899264 2019-07-23] (McAfee, LLC -> McAfee, Inc.)
R2 mrupdsrv; C:\Program Files (x86)\Mail.Ru\Update Service\mrupdsrv.exe [1314008 2019-07-30] (LLC Mail.Ru -> Mail.Ru) <==== ATTENTION
R2 MSSQL$ELSAWINDB; C:\Program Files\Microsoft SQL Server\MSSQL10_50.ELSAWINDB\MSSQL\Binn\sqlservr.exe [62218696 2012-06-29] (Microsoft Corporation -> Microsoft Corporation)
R2 RealtekWlanU; C:\Program Files (x86)\NETIS\USB Wireless LAN Utility\RtlService.exe [48856 2014-10-09] (Realtek Semiconductor Corp -> Realtek)
S2 RTLDHCPService; C:\Program Files (x86)\NETIS\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-10-09] (Realtek Semiconductor Corp -> Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-15] (Realtek Semiconductor Corp -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5073792 2019-07-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SQLAgent$ELSAWINDB; C:\Program Files\Microsoft SQL Server\MSSQL10_50.ELSAWINDB\MSSQL\Binn\SQLAGENT.EXE [441288 2012-06-29] (Microsoft Corporation -> Microsoft Corporation)
R2 TwonkyServer; C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe [629624 2014-05-12] (PacketVideo Corporation -> PacketVideo) [File not signed]
R2 Updater.Mail.Ru; C:\Program Files (x86)\Mail.Ru\MailRuUpdater\MailRuUpdater.exe [3532472 2019-07-30] (LLC Mail.Ru -> Mail.Ru) <==== ATTENTION
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
R2 postgresql-x64-9.2; C:/Program Files/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N "postgresql-x64-9.2" -D "C:/Program Files/PostgreSQL/9.2/data" -w [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [11922944 2015-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [359936 2015-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37320 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [209256 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [263224 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [206056 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61688 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-17] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [279336 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42504 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88160 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030784 2019-07-31] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [477288 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [387896 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [59904 2015-01-26] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dmvsc; C:\WINDOWS\System32\drivers\dmvsc.sys [47104 2018-04-12] (Microsoft Windows -> Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-01-26] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-01-26] (Disc Soft Ltd -> Disc Soft Ltd)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation -> Corel Corporation)
S4 RsFx0153; C:\WINDOWS\System32\DRIVERS\RsFx0153.sys [321992 2012-06-29] (Microsoft Corporation -> Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [196152 2018-01-26] (Disc Soft Ltd -> Duplex Secure Ltd)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [44544 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R2 aswMonFlt; system32\drivers\aswMonFlt.sys [X]
R2 aswStm; system32\drivers\aswStm.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-08-02 20:41 - 2019-08-02 20:43 - 000041242 ____C C:\Users\Roman\Desktop\FRST.txt
2019-08-02 20:40 - 2019-08-02 20:41 - 000000000 ___DC C:\Users\Roman\Desktop\VIRYCZ
2019-08-02 20:40 - 2019-08-02 20:40 - 002096128 ____C (Farbar) C:\Users\Roman\Desktop\FRST64.exe
2019-07-31 23:10 - 2019-07-31 23:10 - 000000000 ___DC C:\Users\Roman\Documents\Blackmagic Design
2019-07-31 23:10 - 2019-07-31 23:10 - 000000000 ____D C:\Users\Public\Documents\Blackmagic Design
2019-07-31 23:06 - 2019-07-31 23:06 - 000000000 ___DC C:\Users\Roman\AppData\Roaming\Blackmagic Design
2019-07-31 23:04 - 2019-07-31 23:04 - 000002012 ____C C:\Users\Roman\Desktop\DaVinci Resolve Project Server.lnk
2019-07-31 23:04 - 2019-07-31 23:04 - 000001992 ____C C:\Users\Roman\Desktop\Resolve.lnk
2019-07-31 23:03 - 2019-07-31 23:04 - 000000000 ___DC C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2019-07-31 23:03 - 2019-07-31 23:03 - 000000000 ____D C:\Program Files\Blackmagic Design
2019-07-31 22:56 - 2019-07-31 22:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2019-07-31 22:56 - 2019-07-31 22:56 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design
2019-07-31 22:45 - 2019-07-31 22:45 - 000000000 ____D C:\ProgramData\Blackmagic Design
2019-07-31 22:44 - 2019-07-31 22:44 - 000001914 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2019-07-31 22:44 - 2019-07-31 22:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2019-07-31 22:43 - 2019-07-31 22:44 - 000000000 ____D C:\Program Files (x86)\QuickTime
2019-07-31 22:43 - 2019-07-31 22:43 - 000000000 ___DC C:\Users\Roman\AppData\LocalLow\Apple Computer
2019-07-31 22:42 - 2019-07-31 22:42 - 000000020 ___SH C:\Users\postgres\ntuser.ini
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 _SHDL C:\Users\postgres\Šablony
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 _SHDL C:\Users\postgres\Soubory cookie
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 _SHDL C:\Users\postgres\Poslední
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 _SHDL C:\Users\postgres\Okolní tiskárny
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 _SHDL C:\Users\postgres\Okolní síť
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 _SHDL C:\Users\postgres\Nabídka Start
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 _SHDL C:\Users\postgres\Dokumenty
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 _SHDL C:\Users\postgres\Documents\Obrázky
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 _SHDL C:\Users\postgres\Documents\Hudba
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 _SHDL C:\Users\postgres\Documents\Filmy
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 _SHDL C:\Users\postgres\Data aplikací
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 _SHDL C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 _SHDL C:\Users\postgres\AppData\Local\Data aplikací
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 ____D C:\Users\postgres
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.2
2019-07-31 22:42 - 2018-04-12 01:34 - 000001105 _____ C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-31 22:40 - 2019-07-31 22:40 - 000000000 ____D C:\Program Files\PostgreSQL
2019-07-31 21:15 - 2019-07-31 21:15 - 000001139 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-07-31 19:20 - 2019-07-31 19:20 - 000000000 ___HD C:\$WINDOWS.~BT
2019-07-31 18:46 - 2019-07-31 21:14 - 000000000 ____D C:\ESD
2019-07-31 18:42 - 2019-07-31 18:42 - 019256968 ____C (Microsoft Corporation) C:\Users\Roman\Desktop\MediaCreationTool1903.exe
2019-07-31 18:42 - 2019-07-31 18:42 - 000000000 ___HD C:\$Windows.~WS
2019-07-31 18:38 - 2019-07-31 21:26 - 000000000 ___DC C:\Users\Roman\AppData\LocalLow\uTorrent
2019-07-30 21:22 - 2019-07-30 21:42 - 000000412 __RSH C:\ProgramData\ntuser.pol
2019-07-30 21:11 - 2019-07-31 21:24 - 000000000 ___DC C:\Users\Roman\AppData\Local\BitTorrentHelper
2019-07-30 21:07 - 2019-07-30 21:07 - 000000000 ___DC C:\Users\Roman\Desktop\Isoburner
2019-07-30 21:04 - 2019-07-31 23:14 - 000002260 _____ C:\WINDOWS\System32\Tasks\MailRuUpdater
2019-07-30 21:04 - 2019-07-30 21:04 - 000000000 ___DC C:\Users\Roman\AppData\Local\Mail.Ru
2019-07-30 21:04 - 2019-07-30 21:04 - 000000000 ____D C:\ProgramData\Mail.Ru
2019-07-30 21:04 - 2019-07-30 21:04 - 000000000 ____D C:\Program Files (x86)\Mail.Ru
2019-07-30 20:58 - 2019-07-30 20:59 - 000000000 ___DC C:\Users\Roman\Desktop\NERO 2019 crack
2019-07-30 20:53 - 2019-07-30 20:53 - 000000000 ___DC C:\Users\Roman\AppData\Local\Nero
2019-07-30 20:52 - 2019-07-31 23:14 - 000002526 _____ C:\WINDOWS\System32\Tasks\simplitec Power Suite (Autopilot.exe)
2019-07-30 20:52 - 2019-07-31 23:14 - 000000456 _____ C:\WINDOWS\Tasks\simplitec Power Suite (Autopilot.exe).job
2019-07-30 20:52 - 2019-07-30 20:52 - 000001402 _____ C:\Users\Public\Desktop\Nero Start.lnk
2019-07-30 20:52 - 2019-07-30 20:52 - 000000000 ___DC C:\Users\Roman\AppData\Local\NeroLauncher
2019-07-30 20:52 - 2019-07-30 20:52 - 000000000 ___DC C:\Users\Roman\AppData\Local\cache
2019-07-30 20:51 - 2019-07-31 23:14 - 000002546 _____ C:\WINDOWS\System32\Tasks\simplitec Power Suite
2019-07-30 20:51 - 2019-07-31 23:14 - 000000362 _____ C:\WINDOWS\Tasks\simplitec Power Suite.job
2019-07-30 20:51 - 2019-07-30 20:51 - 000001389 _____ C:\Users\Public\Desktop\1-Click Optimisation.lnk
2019-07-30 20:51 - 2019-07-30 20:51 - 000001343 _____ C:\Users\Public\Desktop\Nero TuneItUp.lnk
2019-07-30 20:51 - 2019-07-30 20:51 - 000000000 ____D C:\WINDOWS\System32\Tasks\Nero
2019-07-30 20:51 - 2019-07-30 20:51 - 000000000 ____D C:\ProgramData\simplitec
2019-07-30 20:51 - 2019-07-30 20:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\System optimization
2019-07-30 20:50 - 2019-07-30 20:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2019
2019-07-30 20:49 - 2019-07-30 20:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2019-07-30 20:49 - 2019-07-30 20:51 - 000000000 ____D C:\Program Files (x86)\Nero
2019-07-30 20:48 - 2019-07-30 20:52 - 000000000 ____D C:\ProgramData\Nero
2019-07-30 20:46 - 2019-07-30 20:53 - 000000000 ___DC C:\Users\Roman\AppData\Roaming\Nero
2019-07-25 07:56 - 2019-07-25 08:49 - 000012518 ____C C:\Users\Roman\AppData\Roaming\SerialClonerPrefs
2019-07-25 07:38 - 2019-07-25 07:38 - 000001161 _____ C:\Users\Public\Desktop\Serial Cloner.lnk
2019-07-25 07:38 - 2019-07-25 07:38 - 000000000 ___DC C:\Users\Roman\AppData\Roaming\SerialCloner
2019-07-25 07:38 - 2019-07-25 07:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serial Cloner
2019-07-25 07:38 - 2019-07-25 07:38 - 000000000 ____D C:\Program Files (x86)\Serial Cloner
2019-07-25 07:37 - 2019-07-25 07:37 - 008114223 ____C (SerialBasics ) C:\Users\Roman\Desktop\SerialCloner2-6_Install.exe
2019-07-25 07:34 - 2019-07-31 18:38 - 000168896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw3709ac2f23d807e5.tmp
2019-07-25 07:34 - 2019-07-25 07:33 - 000363400 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-07-25 07:34 - 2019-07-25 07:33 - 000225816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw421fb86429ef4487.tmp
2019-07-23 21:00 - 2019-07-23 21:00 - 000002690 ____C C:\Users\Roman\Desktop\1click.cmd
2019-07-23 19:21 - 2019-07-29 19:24 - 000212992 _____ C:\WINDOWS\system32\ClickToRun_Pipeline16
2019-07-23 08:26 - 2019-07-23 08:26 - 000001107 _____ C:\Users\Public\Desktop\Prohlížeč Opera.lnk
2019-07-12 13:41 - 2019-07-12 13:50 - 000035088 ____C C:\Users\Roman\Desktop\Pizza_pec_stůl.bak
2019-07-12 13:34 - 2019-07-12 18:15 - 000000206 ___HC C:\Users\Roman\Desktop\Pizza_pec_stůl.dwl2
2019-07-12 13:34 - 2019-07-12 18:15 - 000000054 ___HC C:\Users\Roman\Desktop\Pizza_pec_stůl.dwl
2019-07-10 08:18 - 2019-07-04 11:21 - 008627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-07-10 08:18 - 2019-07-04 10:56 - 001453416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-07-10 08:18 - 2019-07-04 10:54 - 000662352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-07-10 08:18 - 2019-07-04 10:41 - 007990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-07-10 08:18 - 2019-07-04 10:37 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-07-10 08:18 - 2019-07-04 06:58 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-07-10 08:18 - 2019-07-04 06:57 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-07-10 08:18 - 2019-07-04 06:56 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-07-10 08:18 - 2019-07-04 06:42 - 002479176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-07-10 08:18 - 2019-07-04 06:42 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-07-10 08:18 - 2019-07-04 06:42 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-07-10 08:18 - 2019-07-04 06:42 - 000573808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-07-10 08:18 - 2019-07-04 06:41 - 000559328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-07-10 08:18 - 2019-07-04 06:25 - 004861440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-07-10 08:18 - 2019-07-04 06:24 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-07-10 08:18 - 2019-07-04 06:22 - 003707904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-07-10 08:18 - 2019-07-04 06:22 - 001561088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-07-10 08:18 - 2019-07-04 06:22 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-07-10 08:18 - 2019-07-04 06:22 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-07-10 08:18 - 2019-07-04 06:21 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-07-10 08:18 - 2019-07-04 06:20 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-07-10 08:18 - 2019-07-04 06:18 - 001076224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-07-10 08:18 - 2019-07-04 06:17 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-07-10 08:18 - 2019-06-13 13:37 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2019-07-10 08:18 - 2019-06-13 13:36 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2019-07-10 08:18 - 2019-06-13 13:35 - 001376688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-07-10 08:18 - 2019-06-13 13:34 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-07-10 08:18 - 2019-06-13 13:17 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-07-10 08:18 - 2019-06-13 13:17 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-07-10 08:18 - 2019-06-13 13:15 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-07-10 08:18 - 2019-06-13 13:13 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2019-07-10 08:18 - 2019-06-13 12:07 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-07-10 08:18 - 2019-06-13 12:07 - 000221232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-07-10 08:18 - 2019-06-13 11:54 - 011942912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-07-10 08:18 - 2019-06-13 11:53 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-07-10 08:18 - 2019-06-13 08:44 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-07-10 08:18 - 2019-06-13 08:16 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-07-10 08:18 - 2019-06-13 08:14 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-07-10 08:18 - 2019-06-13 08:12 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-07-10 08:18 - 2019-06-13 08:11 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-07-10 08:18 - 2019-06-13 07:07 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-07-10 08:18 - 2019-06-13 06:47 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-07-10 08:18 - 2019-06-13 06:46 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-07-10 08:18 - 2019-06-13 06:46 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-07-10 08:18 - 2019-06-13 06:45 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-07-10 08:18 - 2019-06-13 06:44 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-07-10 08:18 - 2019-06-13 06:44 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-07-10 08:18 - 2019-06-13 06:44 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-07-10 08:18 - 2019-06-13 06:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-07-10 08:17 - 2019-07-04 11:45 - 001786680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-07-10 08:17 - 2019-07-04 11:43 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-07-10 08:17 - 2019-07-04 11:41 - 000304144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-07-10 08:17 - 2019-07-04 11:40 - 021390504 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-07-10 08:17 - 2019-07-04 11:40 - 001631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-07-10 08:17 - 2019-07-04 11:40 - 001616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-07-10 08:17 - 2019-07-04 11:40 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-07-10 08:17 - 2019-07-04 11:22 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-07-10 08:17 - 2019-07-04 11:22 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-07-10 08:17 - 2019-07-04 11:20 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-07-10 08:17 - 2019-07-04 11:19 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-07-10 08:17 - 2019-07-04 11:18 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-07-10 08:17 - 2019-07-04 11:18 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-07-10 08:17 - 2019-07-04 10:51 - 020384128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-07-10 08:17 - 2019-07-04 10:36 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-07-10 08:17 - 2019-07-04 07:00 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-07-10 08:17 - 2019-07-04 06:58 - 001328440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-07-10 08:17 - 2019-07-04 06:58 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-07-10 08:17 - 2019-07-04 06:58 - 000416312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-07-10 08:17 - 2019-07-04 06:57 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-07-10 08:17 - 2019-07-04 06:57 - 000986128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-07-10 08:17 - 2019-07-04 06:57 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-07-10 08:17 - 2019-07-04 06:57 - 000723728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-07-10 08:17 - 2019-07-04 06:57 - 000708696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-07-10 08:17 - 2019-07-04 06:57 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-07-10 08:17 - 2019-07-04 06:57 - 000362264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-07-10 08:17 - 2019-07-04 06:57 - 000209424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-07-10 08:17 - 2019-07-04 06:57 - 000194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-07-10 08:17 - 2019-07-04 06:57 - 000137656 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-07-10 08:17 - 2019-07-04 06:57 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-07-10 08:17 - 2019-07-04 06:57 - 000091776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-07-10 08:17 - 2019-07-04 06:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-07-10 08:17 - 2019-07-04 06:56 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-07-10 08:17 - 2019-07-04 06:56 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-07-10 08:17 - 2019-07-04 06:56 - 002810680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-07-10 08:17 - 2019-07-04 06:56 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-07-10 08:17 - 2019-07-04 06:56 - 001566520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-07-10 08:17 - 2019-07-04 06:56 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-07-10 08:17 - 2019-07-04 06:56 - 001260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-07-10 08:17 - 2019-07-04 06:56 - 001141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-07-10 08:17 - 2019-07-04 06:56 - 000983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-07-10 08:17 - 2019-07-04 06:56 - 000767536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-07-10 08:17 - 2019-07-04 06:56 - 000734952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-07-10 08:17 - 2019-07-04 06:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-07-10 08:17 - 2019-07-04 06:56 - 000493752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-07-10 08:17 - 2019-07-04 06:56 - 000115512 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-07-10 08:17 - 2019-07-04 06:43 - 000832016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-07-10 08:17 - 2019-07-04 06:43 - 000665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-07-10 08:17 - 2019-07-04 06:43 - 000328696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-07-10 08:17 - 2019-07-04 06:43 - 000287376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-10 08:17 - 2019-07-04 06:43 - 000191800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-07-10 08:17 - 2019-07-04 06:42 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-10 08:17 - 2019-07-04 06:42 - 006044008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-07-10 08:17 - 2019-07-04 06:42 - 000356312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-07-10 08:17 - 2019-07-04 06:42 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-07-10 08:17 - 2019-07-04 06:37 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-07-10 08:17 - 2019-07-04 06:33 - 022017536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-07-10 08:17 - 2019-07-04 06:29 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-07-10 08:17 - 2019-07-04 06:26 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-07-10 08:17 - 2019-07-04 06:26 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-07-10 08:17 - 2019-07-04 06:26 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-07-10 08:17 - 2019-07-04 06:25 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-07-10 08:17 - 2019-07-04 06:25 - 007589888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-07-10 08:17 - 2019-07-04 06:25 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-07-10 08:17 - 2019-07-04 06:25 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-07-10 08:17 - 2019-07-04 06:25 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-07-10 08:17 - 2019-07-04 06:24 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-07-10 08:17 - 2019-07-04 06:24 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-07-10 08:17 - 2019-07-04 06:24 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-07-10 08:17 - 2019-07-04 06:23 - 001765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-07-10 08:17 - 2019-07-04 06:23 - 001217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-07-10 08:17 - 2019-07-04 06:23 - 000786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-07-10 08:17 - 2019-07-04 06:22 - 002587648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-07-10 08:17 - 2019-07-04 06:22 - 002176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-07-10 08:17 - 2019-07-04 06:22 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-07-10 08:17 - 2019-07-04 06:22 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-07-10 08:17 - 2019-07-04 06:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-07-10 08:17 - 2019-07-04 06:21 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-07-10 08:17 - 2019-07-04 06:21 - 003202560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-07-10 08:17 - 2019-07-04 06:21 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-07-10 08:17 - 2019-07-04 06:21 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-07-10 08:17 - 2019-07-04 06:21 - 001220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-07-10 08:17 - 2019-07-04 06:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-07-10 08:17 - 2019-07-04 06:21 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-07-10 08:17 - 2019-07-04 06:21 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-07-10 08:17 - 2019-07-04 06:20 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-07-10 08:17 - 2019-07-04 06:20 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-07-10 08:17 - 2019-07-04 06:20 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-07-10 08:17 - 2019-07-04 06:19 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-07-10 08:17 - 2019-07-04 06:19 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-07-10 08:17 - 2019-07-04 06:18 - 002602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-07-10 08:17 - 2019-07-04 06:18 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-07-10 08:17 - 2019-07-04 06:18 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-07-10 08:17 - 2019-07-04 06:18 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-07-10 08:17 - 2019-07-04 05:01 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-07-10 08:17 - 2019-06-21 10:50 - 000280584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-07-10 08:17 - 2019-06-13 14:15 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-07-10 08:17 - 2019-06-13 14:12 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-07-10 08:17 - 2019-06-13 14:05 - 000810296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-07-10 08:17 - 2019-06-13 14:04 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-07-10 08:17 - 2019-06-13 14:00 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-07-10 08:17 - 2019-06-13 13:59 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-07-10 08:17 - 2019-06-13 13:58 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-07-10 08:17 - 2019-06-13 13:58 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-07-10 08:17 - 2019-06-13 13:56 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-07-10 08:17 - 2019-06-13 13:43 - 001427984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-07-10 08:17 - 2019-06-13 13:43 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-07-10 08:17 - 2019-06-13 13:42 - 004038688 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-07-10 08:17 - 2019-06-13 13:42 - 002266936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-07-10 08:17 - 2019-06-13 13:42 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-07-10 08:17 - 2019-06-13 13:42 - 000566536 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-07-10 08:17 - 2019-06-13 13:41 - 001626936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-07-10 08:17 - 2019-06-13 13:41 - 000830264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-07-10 08:17 - 2019-06-13 13:41 - 000825144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-07-10 08:17 - 2019-06-13 13:41 - 000670008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-07-10 08:17 - 2019-06-13 13:40 - 000749880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-07-10 08:17 - 2019-06-13 13:40 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-07-10 08:17 - 2019-06-13 13:40 - 000495416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-07-10 08:17 - 2019-06-13 13:38 - 000766264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-07-10 08:17 - 2019-06-13 13:36 - 000251000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-07-10 08:17 - 2019-06-13 13:18 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-07-10 08:17 - 2019-06-13 13:18 - 004847104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-07-10 08:17 - 2019-06-13 13:17 - 012756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-07-10 08:17 - 2019-06-13 13:17 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-07-10 08:17 - 2019-06-13 13:17 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-07-10 08:17 - 2019-06-13 13:16 - 000767488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-07-10 08:17 - 2019-06-13 13:15 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-07-10 08:17 - 2019-06-13 13:14 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-07-10 08:17 - 2019-06-13 13:14 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-07-10 08:17 - 2019-06-13 13:14 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-07-10 08:17 - 2019-06-13 13:14 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-07-10 08:17 - 2019-06-13 13:13 - 002920448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-07-10 08:17 - 2019-06-13 13:13 - 001339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-07-10 08:17 - 2019-06-13 13:13 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-07-10 08:17 - 2019-06-13 13:13 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-07-10 08:17 - 2019-06-13 13:12 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-07-10 08:17 - 2019-06-13 13:10 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-07-10 08:17 - 2019-06-13 12:11 - 001539896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-07-10 08:17 - 2019-06-13 12:07 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-07-10 08:17 - 2019-06-13 12:05 - 003700160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-07-10 08:17 - 2019-06-13 11:55 - 005657088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-07-10 08:17 - 2019-06-13 11:54 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2019-07-10 08:17 - 2019-06-13 11:51 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-07-10 08:17 - 2019-06-13 11:50 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-07-10 08:17 - 2019-06-13 11:49 - 002406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-07-10 08:17 - 2019-06-13 11:49 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-07-10 08:17 - 2019-06-13 09:48 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2019-07-10 08:17 - 2019-06-13 09:46 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-07-10 08:17 - 2019-06-13 09:01 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-07-10 08:17 - 2019-06-13 09:01 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-07-10 08:17 - 2019-06-13 09:01 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-07-10 08:17 - 2019-06-13 08:59 - 000785264 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-07-10 08:17 - 2019-06-13 08:47 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-07-10 08:17 - 2019-06-13 08:47 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-07-10 08:17 - 2019-06-13 08:46 - 001076536 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2019-07-10 08:17 - 2019-06-13 08:46 - 000510296 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-07-10 08:17 - 2019-06-13 08:46 - 000093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-07-10 08:17 - 2019-06-13 08:45 - 002421560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-07-10 08:17 - 2019-06-13 08:44 - 002769688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-07-10 08:17 - 2019-06-13 08:44 - 002546704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-07-10 08:17 - 2019-06-13 08:44 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-07-10 08:17 - 2019-06-13 08:44 - 001033696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-07-10 08:17 - 2019-06-13 08:44 - 000607112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2019-07-10 08:17 - 2019-06-13 08:44 - 000130624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-07-10 08:17 - 2019-06-13 08:17 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-07-10 08:17 - 2019-06-13 08:16 - 001626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-07-10 08:17 - 2019-06-13 08:15 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-07-10 08:17 - 2019-06-13 08:15 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-07-10 08:17 - 2019-06-13 08:15 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-07-10 08:17 - 2019-06-13 08:15 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-07-10 08:17 - 2019-06-13 08:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-07-10 08:17 - 2019-06-13 08:14 - 003318784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-07-10 08:17 - 2019-06-13 08:14 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-07-10 08:17 - 2019-06-13 08:14 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-07-10 08:17 - 2019-06-13 08:13 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-07-10 08:17 - 2019-06-13 08:13 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-07-10 08:17 - 2019-06-13 08:13 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-07-10 08:17 - 2019-06-13 08:13 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-07-10 08:17 - 2019-06-13 08:13 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-07-10 08:17 - 2019-06-13 08:12 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-07-10 08:17 - 2019-06-13 08:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-07-10 08:17 - 2019-06-13 08:12 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-07-10 08:17 - 2019-06-13 08:12 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-07-10 08:17 - 2019-06-13 08:12 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-07-10 08:17 - 2019-06-13 08:11 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-07-10 08:17 - 2019-06-13 08:11 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-07-10 08:17 - 2019-06-13 08:10 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-07-10 08:17 - 2019-06-13 08:10 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-07-10 08:17 - 2019-06-13 08:10 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-07-10 08:17 - 2019-06-13 08:10 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-07-10 08:17 - 2019-06-13 08:10 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-10 08:17 - 2019-06-13 08:10 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-07-10 08:17 - 2019-06-13 08:10 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-07-10 08:17 - 2019-06-13 08:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-07-10 08:17 - 2019-06-13 08:09 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-10 08:17 - 2019-06-13 08:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-07-10 08:17 - 2019-06-13 08:08 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-07-10 08:17 - 2019-06-13 07:14 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-07-10 08:17 - 2019-06-13 07:08 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-07-10 08:17 - 2019-06-13 07:07 - 000080744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-07-10 08:17 - 2019-06-13 07:06 - 002256768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-07-10 08:17 - 2019-06-13 07:06 - 001130776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-07-10 08:17 - 2019-06-13 07:06 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-07-10 08:17 - 2019-06-13 06:49 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-07-10 08:17 - 2019-06-13 06:47 - 003554304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2019-07-10 08:17 - 2019-06-13 06:47 - 002899456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-07-10 08:17 - 2019-06-13 06:46 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-07-10 08:17 - 2019-06-13 06:45 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-07-10 08:17 - 2019-06-13 06:44 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-07-10 08:17 - 2019-06-13 06:43 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-10 08:17 - 2019-06-13 06:43 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-10 08:17 - 2019-06-13 06:43 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-08-02 20:44 - 2018-05-06 06:52 - 000000000 ____D C:\ProgramData\TEMP
2019-08-02 20:41 - 2018-02-06 20:05 - 000000000 ____D C:\FRST
2019-08-02 20:37 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-02 20:37 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-02 20:35 - 2018-11-20 21:25 - 000000000 ____D C:\Program Files\rempl
2019-08-02 20:34 - 2019-03-27 15:30 - 000000000 ____D C:\ProgramData\TwonkyServer
2019-08-02 20:34 - 2018-05-15 21:45 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-08-02 20:31 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-02 20:31 - 2018-02-11 11:53 - 000000000 ___DC C:\Users\Roman\AppData\Roaming\Apple Computer
2019-07-31 23:14 - 2019-01-02 13:46 - 000002814 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-ROMANPCSTOLNI-Roman
2019-07-31 23:14 - 2018-11-24 21:14 - 000003108 _____ C:\WINDOWS\System32\Tasks\KMSAutoNet
2019-07-31 23:14 - 2018-08-25 18:20 - 000002628 _____ C:\WINDOWS\System32\Tasks\ASUS Patch for VIA Audio
2019-07-31 23:14 - 2018-05-15 21:45 - 000003828 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-07-31 23:14 - 2018-05-15 21:45 - 000003530 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-07-31 23:14 - 2018-05-15 21:45 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-07-31 23:14 - 2018-05-15 21:45 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-07-31 23:14 - 2018-05-15 21:45 - 000003302 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1518342991
2019-07-31 23:14 - 2018-05-15 21:45 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-07-31 23:14 - 2018-05-15 21:45 - 000002858 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2651452621-253113433-2049451952-1001
2019-07-31 23:14 - 2018-05-15 21:45 - 000002778 _____ C:\WINDOWS\System32\Tasks\AutoPico Daily Restart
2019-07-31 23:14 - 2018-05-15 21:45 - 000002726 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-76OS37T-Roman
2019-07-31 23:14 - 2018-05-15 21:45 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-07-31 23:05 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-07-31 22:46 - 2018-01-26 00:39 - 000000000 ___DC C:\Users\Roman\AppData\Roaming\vlc
2019-07-31 22:37 - 2018-05-15 21:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-31 21:26 - 2018-01-27 18:41 - 000000000 ___DC C:\Users\Roman\AppData\Roaming\uTorrent
2019-07-31 21:14 - 2018-05-14 09:48 - 000000000 ___DC C:\WINDOWS\Panther
2019-07-31 20:26 - 2018-05-15 21:37 - 000002404 ____C C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-31 20:26 - 2018-01-26 00:09 - 000000000 ___RD C:\Users\Roman\OneDrive
2019-07-31 18:48 - 2018-01-26 00:58 - 000000000 ___DC C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-07-31 18:48 - 2018-01-26 00:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-07-31 18:48 - 2018-01-26 00:58 - 000000000 ____D C:\Program Files\WinRAR
2019-07-31 18:41 - 2018-11-24 21:14 - 000000000 ____D C:\ProgramData\KMSAutoS
2019-07-31 18:38 - 2018-01-27 13:24 - 001030784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-07-30 22:13 - 2018-08-25 17:45 - 000000000 ___DC C:\Users\Roman\AppData\Local\CrashDumps
2019-07-30 21:04 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2019-07-30 21:04 - 2017-09-29 15:46 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-07-30 20:28 - 2019-01-11 12:21 - 000001107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-07-30 20:28 - 2018-02-11 11:56 - 000000000 ____D C:\Program Files\Opera
2019-07-29 19:26 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-07-29 19:24 - 2018-06-18 14:43 - 000000000 ____D C:\Program Files\Microsoft Office
2019-07-25 20:57 - 2018-01-27 13:24 - 000387896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-07-25 07:34 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-07-25 07:33 - 2019-02-13 10:27 - 000279336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-07-25 07:33 - 2019-01-19 18:39 - 000263224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-07-25 07:33 - 2019-01-17 10:09 - 000206056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-07-25 07:33 - 2019-01-17 10:09 - 000061688 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-07-25 07:33 - 2019-01-17 10:09 - 000037320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-07-25 07:33 - 2018-11-04 09:19 - 000042504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-07-25 07:33 - 2018-01-27 13:24 - 000477288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-07-25 07:33 - 2018-01-27 13:24 - 000209256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-07-25 07:33 - 2018-01-27 13:24 - 000112520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-07-25 07:33 - 2018-01-27 13:24 - 000088160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-07-23 08:26 - 2018-02-01 20:17 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-12 18:15 - 2019-06-16 12:14 - 000035022 ____C C:\Users\Roman\Desktop\Pizza_pec_stůl.dwg
2019-07-10 09:35 - 2018-05-15 21:47 - 001874340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-10 09:35 - 2018-04-12 17:51 - 000781056 _____ C:\WINDOWS\system32\perfh005.dat
2019-07-10 09:35 - 2018-04-12 17:51 - 000169360 _____ C:\WINDOWS\system32\perfc005.dat
2019-07-10 09:30 - 2018-01-26 01:29 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-07-10 09:29 - 2018-05-15 21:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-10 09:29 - 2018-05-15 21:33 - 000498888 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-07-10 09:29 - 2018-01-26 00:05 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-10 09:29 - 2018-01-26 00:05 - 000000000 ___RD C:\Users\Roman\3D Objects
2019-07-10 09:26 - 2018-04-12 17:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-07-10 09:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-07-10 09:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-07-10 09:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-07-10 09:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-07-10 09:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-07-10 09:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-07-10 09:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-07-10 09:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-07-10 09:26 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-07-10 09:26 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-07-10 08:22 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-10 08:16 - 2018-01-26 15:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-10 08:11 - 2018-01-26 15:24 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-10 07:59 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-07-10 07:59 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
==================== Files in the root of some directories ================
2018-03-18 21:37 - 2018-05-15 19:59 - 000002394 _____ () C:\Users\Roman\IP_Log_Data.js
2018-03-18 22:00 - 2018-05-15 21:00 - 000003599 _____ () C:\Users\Roman\Network_Meter_Data.js
2018-05-09 21:43 - 2018-05-09 21:46 - 000000624 ____C () C:\Users\Roman\AppData\Roaming\All CPU MeterV3_Settings.ini
2018-03-18 22:30 - 2018-05-15 21:03 - 000000026 ____C () C:\Users\Roman\AppData\Roaming\Network Meter_Usage.ini
2019-07-25 07:56 - 2019-07-25 08:49 - 000012518 ____C () C:\Users\Roman\AppData\Roaming\SerialClonerPrefs
2019-03-27 18:05 - 2019-03-27 18:05 - 000000001 ____C () C:\Users\Roman\AppData\Local\llftool.4.40.agreement
2018-11-04 09:23 - 2018-11-04 09:23 - 000000000 ____C () C:\Users\Roman\AppData\Local\oobelibMkey.log
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-07-2019
Ran by Roman (02-08-2019 20:45:08)
Running from C:\Users\Roman\Desktop
Windows 10 Pro Version 1803 17134.885 (X64) (2018-05-15 19:45:45)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2651452621-253113433-2049451952-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2651452621-253113433-2049451952-503 - Limited - Disabled)
Guest (S-1-5-21-2651452621-253113433-2049451952-501 - Limited - Enabled)
postgres (S-1-5-21-2651452621-253113433-2049451952-1006 - Limited - Enabled) => C:\Users\postgres
Roman (S-1-5-21-2651452621-253113433-2049451952-1001 - Administrator - Enabled) => C:\Users\Roman
WDAGUtilityAccount (S-1-5-21-2651452621-253113433-2049451952-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2651452621-253113433-2049451952-1001\...\uTorrent) (Version: 3.5.5.45311 - BitTorrent Inc.)
8GadgetPack (HKLM-x32\...\{E6BA0C10-856E-452A-954C-85F41072385F}) (Version: 25.0.0 - 8GadgetPack.net)
A360 Desktop (HKLM\...\{B65CD59E-A771-4354-AA4B-C3E01B496BCD}) (Version: 8.2.3.1800 - Autodesk)
ACA & MEP 2018 Object Enabler (HKLM\...\{28B89EEF-1004-0000-5102-CF3F3A09B77D}) (Version: 8.0.40.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-1001-0000-3102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Premiere Elements 15 (HKLM-x32\...\{FD45A9C9-02BE-4E62-8629-78DF29A10FF5}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - )
AIDA64 Extreme v5.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.00 - FinalWire Ltd.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Arduino (HKLM-x32\...\Arduino) (Version: 1.8.5 - Arduino LLC)
AutoCAD 2018 - English (HKLM\...\{28B89EEF-1001-0409-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 (HKLM\...\{28B89EEF-1001-0000-0102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 Language Pack - English (HKLM\...\{28B89EEF-1001-0409-1102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
Autodesk AutoCAD 2018 - English (HKLM\...\AutoCAD 2018 - English) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk)
Autodesk License Service (x64) - 5.1.4 (HKLM\...\{3609A8D9-FC0C-4C9B-9F58-0B1D1A4FE556}) (Version: 5.1.4.0 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Autodesk ReCap (HKLM\...\{6ED27C84-0000-1033-0102-D4DAEFFC23C2}) (Version: 4.0.0.28 - Autodesk) Hidden
Autodesk ReCap (HKLM\...\Autodesk ReCap 360) (Version: 4.0.0.28 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.6.2383 - AVAST Software)
Brother MFL-Pro Suite DCP-9020CDW (HKLM-x32\...\{E98A9C92-E767-475B-8BC6-8780A86DDC72}) (Version: 1.0.5.0 - Brother Industries, Ltd.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7042 - CDBurnerXP)
CPUID HWMonitor 1.34 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.34 - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.7.0.0337 - Disc Soft Ltd)
Data Lifeguard Diagnostic for Windows 1.31 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
DaVinci Resolve (HKLM\...\{1A5510D0-742F-4CDC-AB09-57C19F19C04D}) (Version: 16.0.0050 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{B1782967-E600-4BBD-B2F1-AEF3F2FE0A12}) (Version: 1.2.1.0 - Blackmagic Design)
DiskInternals Linux Reader (HKLM-x32\...\DiskInternals Linux Reader) (Version: 3.4.0.27 - DiskInternals Research)
Dukto R6 (HKLM-x32\...\{386C0311-B146-4CE0-89E5-8469A3583156}}_is1) (Version: R6 - Emanuele Colombo)
ElsaWin (HKLM-x32\...\ElsaWin) (Version: 6.00 - )
FARO LS 1.1.600.6 (64bit) (HKLM-x32\...\{510A08AF-1649-4844-94E5-EAC43A023685}) (Version: 6.0.6.5 - FARO Scanner Production)
FOTOLAB CEWE fotosvet (HKLM-x32\...\FOTOLAB CEWE fotosvet) (Version: 6.3.7 - CEWE Stiftung u Co. KGaA)
Free FLAC to MP3 Converter 1.4 (HKLM-x32\...\{A54C01BD-1277-4722-B42B-EC9800A90B1E}_is1) (Version: 1.4 - PolySoft Solutions)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HD Tune Pro 5.70 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HDD Regenerator (HKLM-x32\...\{CC5DA723-D428-40D1-B82B-21EB64B1273C}) (Version: 20.11.0011 - Abstradrome)
Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
JDiskReport 1.4.1 (HKLM-x32\...\JDiskReport 1.4.1) (Version: 1.4.1 (2014-02-26 11:50:44) - JGoodies Karsten Lentzsch)
KMSpico v9.2.3 (HKLM\...\KMSpico_is1) (Version: 9.2.3 - )
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.80 - McAfee, LLC.)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2651452621-253113433-2049451952-1001\...\OneDriveSetup.exe) (Version: 19.126.0627.0002 - Microsoft Corporation)
Microsoft Project Professional 2016 - cs-cz (HKLM\...\ProjectProRetail - cs-cz) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{79A2C6E8-C727-4D12-B4B3-19790C181DEA}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Policies (HKLM-x32\...\{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{C3525BF7-3698-4CD3-A8C3-69BD6F57BA3B}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (HKLM-x32\...\{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visio Professional 2016 - cs-cz (HKLM\...\VisioProRetail - cs-cz) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)
MiniTool Partition Wizard Free 11 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Software Limited)
Movavi Video Suite 15 (HKLM-x32\...\Movavi Video Suite 15) (Version: 15.4.0 - Movavi)
Nero BurningROM 2019 (HKLM-x32\...\{798AC6BA-CF99-4585-BD3A-89A51CB10530}) (Version: 20.0.00900 - Nero AG)
Nero Core (HKLM-x32\...\{85EFC653-C416-4759-BFD0-0A0095B3FFAC}) (Version: 1.2.00200 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 20.0.1011 - Nero AG)
Nero TuneItUp (HKLM-x32\...\Nero_tuneitup_is1) (Version: 2.8.0.84 - Nero AG)
NETIS Wireless LAN Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0290 - Netis Systems Co., Ltd.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Opera Stable 62.0.3331.99 (HKLM-x32\...\Opera 62.0.3331.99) (Version: 62.0.3331.99 - Opera Software)
Paragon Partition Manager™ 14 Free (HKLM\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) Hidden
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.7.232 - Autodesk)
PostgreSQL 9.2 (HKLM\...\PostgreSQL 9.2) (Version: 9.2 - PostgreSQL Global Development Group)
Prerequisite installer (HKLM-x32\...\{37E15A76-F310-4C62-9D32-EE96C83BBD2C}) (Version: 20.2.0001 - Nero AG) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RAD Video Tools (HKLM-x32\...\RADVideo) (Version: - )
Serial Cloner version 2.6.1 (HKLM-x32\...\{6EA0A7CE-3989-4A96-9363-E7F2697F52A3}_is1) (Version: 2.6.1 - SerialBasics)
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
Siko Kitchen Planner Web (HKU\S-1-5-21-2651452621-253113433-2049451952-1001\...\SquareClock_Production_Home_5-2_290df3ae) (Version: - 3DVIA SAS)
Simple Time Lapse (HKLM-x32\...\{D07A4321-C78A-4442-8DC2-F63F1A2D08E3}) (Version: 1.0.1 - Limosoft)
SketchUp 2018 (HKLM\...\{C702DD60-EBF4-4961-8B7D-F209B361F985}) (Version: 18.0.16975 - Trimble, Inc.)
Speciální aplikace Autodesk 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk)
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FA7394B8-CE65-4F9E-AC99-F372AD365424}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FBD367D1-642F-47CF-B79B-9BE48FB34007}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{A2122A9C-A699-4365-ADF8-68FEAC125D61}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{C942A025-A840-4BF2-8987-849C0DD44574}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Management Studio (HKLM\...\{51E5BC99-A087-4CFF-8D93-462903EA7E12}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Management Studio (HKLM\...\{72AB7E6F-BC24-481E-8C45-1AB5B3DD795D}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM\...\{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Twonky Server (HKLM-x32\...\TwonkyServer) (Version: 7.3.0.0 - PacketVideo)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.5) (Version: 1.3.5 - Xvid Team)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)
Служба автоматического обновления программ (HKU\S-1-5-21-2651452621-253113433-2049451952-1001\...\MailRuUpdater) (Version: - Mail.Ru) <==== ATTENTION
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-06-18] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.143.600.0_x86__kgqvnymyfvs32 [2019-07-12] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.1.1.1_x86__h6adky7gbf63m [2019-07-12] (Gameloft.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.2.0.9_x86__h6adky7gbf63m [2019-07-30] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-03] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-18] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-23] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-23] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0 [2019-08-02] (Spotify AB)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2651452621-253113433-2049451952-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:/Users/Roman/AppData/Local/Microsoft/Windows Sidebar/Gadgets/All_CPU_Meter_V4.7.3.gadget/CoreTempReader.dll (AddGadgets IT -> )
CustomCLSID: HKU\S-1-5-21-2651452621-253113433-2049451952-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Roman\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-2651452621-253113433-2049451952-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Roman\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-2651452621-253113433-2049451952-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2651452621-253113433-2049451952-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2651452621-253113433-2049451952-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\en-US\acadficn.dll (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-18] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-18] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-01-12] (Disc Soft Ltd -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-18] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-01-12] (Disc Soft Ltd -> Disc Soft Ltd)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-18] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDiskReport 1.4.1\JGoodies Home Page.lnk -> hxxp://www.jgoodies.com
==================== Loaded Modules (Whitelisted) ==============
2018-03-14 10:07 - 2009-02-27 17:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2019-07-31 22:40 - 2013-04-02 05:41 - 000176128 _____ () [File not signed] C:\Program Files\PostgreSQL\9.2\bin\LIBPQ.dll
2019-07-31 22:42 - 2012-08-14 15:31 - 001328128 _____ () [File not signed] C:\Program Files\PostgreSQL\9.2\bin\libxml2.dll
2019-01-20 22:59 - 2014-09-09 14:30 - 000603648 _____ () [File not signed] C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll
2019-07-29 19:41 - 2019-07-29 19:41 - 004404736 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DiscSoft.NET.Common\fa845711ee1e8390906256917b9694f5\DiscSoft.NET.Common.ni.dll
2018-03-14 10:07 - 2005-04-22 06:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2018-03-14 10:07 - 2013-06-12 20:06 - 000385024 ____R (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2018-03-14 10:07 - 2010-09-29 18:07 - 000180224 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BroSNMP.dll
2018-03-14 10:07 - 2011-02-28 12:32 - 000208896 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll
2018-03-14 10:07 - 2014-05-22 14:50 - 004513792 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
2018-03-14 10:07 - 2013-10-10 22:55 - 002040320 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2018-03-14 10:07 - 2013-09-25 16:35 - 000282112 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
2018-03-14 10:07 - 2013-12-05 14:04 - 000137728 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2018-03-14 10:07 - 2014-02-17 20:24 - 000084480 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2018-03-14 10:07 - 2014-02-17 20:24 - 017905152 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2018-03-14 10:07 - 2013-11-15 11:17 - 000082944 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLCze.dll
2018-03-14 10:07 - 2013-12-05 14:17 - 001536512 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
2018-03-14 10:07 - 2013-12-05 14:19 - 000567296 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
2018-03-14 10:07 - 2012-07-14 10:53 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2019-07-31 22:42 - 2012-05-08 23:00 - 000981504 _____ (Free Software Foundation) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\iconv.dll
2019-07-31 22:40 - 2011-01-10 17:16 - 000240862 _____ (Free Software Foundation) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\libintl-8.dll
2019-03-27 15:30 - 2014-05-12 16:18 - 000166776 _____ (PacketVideo Corporation -> ) [File not signed] C:\Program Files (x86)\Twonky\TwonkyServer\platform-player.dll
2014-05-12 16:19 - 2014-05-12 16:19 - 002665336 _____ (PacketVideo Corporation -> ) [File not signed] C:\Program Files (x86)\Twonky\TwonkyServer\TwonkyServer.exe
2014-05-12 16:18 - 2014-05-12 16:18 - 000629624 _____ (PacketVideo Corporation -> PacketVideo) [File not signed] C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
2014-05-12 16:18 - 2014-05-12 16:18 - 002759544 _____ (PacketVideo Corporation -> PacketVideo) [File not signed] C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe
2019-07-31 22:40 - 2013-04-02 05:41 - 000089600 _____ (PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\pg_ctl.exe
2019-07-31 22:42 - 2013-04-02 05:41 - 005518336 _____ (PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
2019-07-31 22:42 - 2012-10-12 12:58 - 001577472 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\LIBEAY32.dll
2019-07-31 22:42 - 2012-10-12 12:58 - 000338944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\SSLEAY32.dll
2017-03-14 15:14 - 2017-03-14 15:14 - 000262656 _____ (Volkswagen AG) [File not signed] D:\ElsaWin\bin\LcSvrAdm.exe
2017-03-14 15:12 - 2017-03-14 15:12 - 001352704 _____ (Volkswagen AG) [File not signed] D:\ElsaWin\bin\LcSvrAuf.exe
2017-03-14 15:10 - 2017-03-14 15:10 - 000435712 _____ (Volkswagen AG) [File not signed] D:\ElsaWin\bin\LcSvrDba.exe
2017-03-14 15:11 - 2017-03-14 15:11 - 000387072 _____ (Volkswagen AG) [File not signed] D:\ElsaWin\bin\LcSvrHis.exe
2017-03-14 15:11 - 2017-03-14 15:11 - 000519680 _____ (Volkswagen AG) [File not signed] D:\ElsaWin\bin\LcSvrPas.exe
2017-03-14 15:11 - 2017-03-14 15:11 - 000438784 _____ (Volkswagen AG) [File not signed] D:\ElsaWin\bin\LcSvrSaz.exe
2017-03-14 15:10 - 2017-03-14 15:10 - 000353792 _____ (Volkswagen AG) [File not signed] D:\ElsaWin\bin\vfc10u.dll
2018-11-24 21:14 - 2016-11-05 12:15 - 000035504 ____N (WZTeam -> MSFree Inc.) [File not signed] C:\ProgramData\KMSAutoS\bin\KMSSS.exe
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:B755D674 [134]
AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo [122]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-2651452621-253113433-2049451952-1001\Software\Classes\.scr: AutoCADScriptFile =>
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2651452621-253113433-2049451952-1001\...\localhost -> localhost
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 15:46 - 2019-01-07 22:15 - 000000758 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files (x86)\QuickTime\QTSystem\
HKU\S-1-5-21-2651452621-253113433-2049451952-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Roman\Pictures\Pozadí_sudy.jpg
HKU\S-1-5-21-2651452621-253113433-2049451952-1006\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{E9DB556B-B3E1-405A-8D7F-BB1A4A870F78}] => (Allow) LPort=54925
FirewallRules: [UDP Query User{D5CBC817-5C4B-42D3-9932-554AD66846D5}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{6B333387-5A7E-4BEB-8E19-180D5C37E225}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{8807B58A-4757-4684-A7D4-BEDD93A59BAD}C:\program files\archicad 20\overwatchserver.exe] => (Allow) C:\program files\archicad 20\overwatchserver.exe (GRAPHISOFT SE) [File not signed]
FirewallRules: [TCP Query User{46AE5067-E908-4463-B237-D19A879B2CB6}C:\program files\archicad 20\overwatchserver.exe] => (Allow) C:\program files\archicad 20\overwatchserver.exe (GRAPHISOFT SE) [File not signed]
FirewallRules: [UDP Query User{EF98864E-03CB-419E-9D6D-AB72D1AD9C8F}C:\program files\archicad 20\archicad.exe] => (Allow) C:\program files\archicad 20\archicad.exe (GRAPHISOFT SE) [File not signed]
FirewallRules: [TCP Query User{1CDF9CD3-50A6-430E-BAFA-870C874DCCBC}C:\program files\archicad 20\archicad.exe] => (Allow) C:\program files\archicad 20\archicad.exe (GRAPHISOFT SE) [File not signed]
FirewallRules: [{013AF469-F68B-4810-AEEE-9DF75EC5801B}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [TCP Query User{AF7446DC-AB2C-49D6-8EBA-DB65FFE5F882}C:\program files (x86)\philips\media manager\philips media manager.exe] => (Allow) C:\program files (x86)\philips\media manager\philips media manager.exe No File
FirewallRules: [UDP Query User{AF2D8E66-AA98-40C0-A162-704293472153}C:\program files (x86)\philips\media manager\philips media manager.exe] => (Allow) C:\program files (x86)\philips\media manager\philips media manager.exe No File
FirewallRules: [TCP Query User{E7A15910-8C3F-488C-872B-2D7217870F55}C:\program files (x86)\twonky\twonkyserver\twonkyserver.exe] => (Allow) C:\program files (x86)\twonky\twonkyserver\twonkyserver.exe (PacketVideo Corporation -> ) [File not signed]
FirewallRules: [UDP Query User{A9A18CED-5B03-4B04-8707-45D6D2FF917C}C:\program files (x86)\twonky\twonkyserver\twonkyserver.exe] => (Allow) C:\program files (x86)\twonky\twonkyserver\twonkyserver.exe (PacketVideo Corporation -> ) [File not signed]
FirewallRules: [TCP Query User{4F61BE47-61C3-4B9B-99A1-B76C5666975A}C:\program files (x86)\philips\media manager\philips media manager.exe] => (Allow) C:\program files (x86)\philips\media manager\philips media manager.exe No File
FirewallRules: [UDP Query User{A2647A1E-6A65-46A3-892D-41C5F9B26D9D}C:\program files (x86)\philips\media manager\philips media manager.exe] => (Allow) C:\program files (x86)\philips\media manager\philips media manager.exe No File
FirewallRules: [{BA08AA27-13C8-4434-A95D-4766F2454B3E}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe (PacketVideo Corporation -> PacketVideo) [File not signed]
FirewallRules: [{DE449B46-B261-48EC-8096-738191C53F0A}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe (PacketVideo Corporation -> PacketVideo) [File not signed]
FirewallRules: [{82549BC0-06DB-4B27-9F09-D234836FF7BE}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe (PacketVideo Corporation -> ) [File not signed]
FirewallRules: [{82040DAB-D78F-425C-AFC1-9299724370F9}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe (PacketVideo Corporation -> ) [File not signed]
FirewallRules: [TCP Query User{87C709A4-53A7-4F40-AE9B-04595D6DBC16}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe (msec.it) [File not signed]
FirewallRules: [UDP Query User{CB58C452-DCC5-437F-9AE3-C8AA5DDB26C7}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe (msec.it) [File not signed]
FirewallRules: [TCP Query User{66A62E16-C6A0-4147-874B-33F0BD39BFE2}C:\users\roman\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\roman\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{5A0AC7FA-24CC-4AB2-AC71-27C246A5D9E3}C:\users\roman\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\roman\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4E1F63C5-D7C7-422C-96A1-34D736360248}] => (Allow) LPort=135
FirewallRules: [{334D8D3D-B5DB-4F8E-9D6D-AB8B562A1B70}] => (Allow) D:\ElsaWin\bin\ElsaWin.exe (Volkswagen AG) [File not signed]
FirewallRules: [{A0685C59-6DD4-478C-B8DD-D5ADCA4F7779}] => (Allow) D:\ElsaWin\bin\ElsaWin.exe (Volkswagen AG) [File not signed]
FirewallRules: [{14697BF9-3D35-4D4B-A153-9934D4259B85}] => (Allow) LPort=1688
FirewallRules: [{E7D93F73-F1A2-4AD5-A35C-FC80BEA4B9BE}] => (Allow) C:\Program Files\Opera\62.0.3331.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{CC8DA52E-B009-43D1-8C6E-ABD001AD8D3C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{96B45F6F-65C2-44AA-915B-7B144A20ECF4}] => (Allow) C:\Program Files\Opera\62.0.3331.99\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{966175E9-8F23-4FE5-B09C-6F8AAAEAC8E1}] => (Allow) C:\Program Files (x86)\Nero\Nero 2019\Nero Burning ROM\StartNBR.exe (Nero AG -> Nero AG)
FirewallRules: [{07A1B455-B933-49ED-BEB5-0FB17B74648C}] => (Allow) C:\Program Files (x86)\Nero\Nero 2019\Nero Burning ROM\nero.exe (Nero AG -> Nero AG)
FirewallRules: [{7EE5FE9F-586D-4A16-BE5B-1A6F7D80867C}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe (Nero AG -> Nero AG)
FirewallRules: [{29EF6148-D169-4FC1-B582-941DFA0FACA9}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe (Nero AG -> Nero AG)
FirewallRules: [{688C7FF8-ABAA-486B-9BB4-FD1D662B833F}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe (Nero AG -> Nero AG)
FirewallRules: [{8BAE0EDA-7AED-4AEC-9BFB-CD1319B57402}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe (Nero AG -> Nero AG)
FirewallRules: [TCP Query User{CB2D43F1-42D6-4C3A-B8C0-992BA5531972}C:\users\roman\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\roman\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{C8A907AD-2F07-433B-A910-6081C572E181}C:\users\roman\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\roman\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{8E9D491D-BF68-4368-ADD8-8A49EDC6F529}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C4960669-7A71-4B69-B457-263D0B50B985}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{6DB76AAA-455F-4590-90F9-819122E90ED2}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe () [File not signed]
FirewallRules: [{82FC34B1-5F49-4C6B-9C4B-AAF2B0208272}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe () [File not signed]
FirewallRules: [{55213158-CF1A-49FF-93DB-121B38BE6D48}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe () [File not signed]
FirewallRules: [{8E0C0F18-70EF-426A-86C0-4B64280399BB}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe () [File not signed]
FirewallRules: [{997E3B83-A47B-45CF-BA90-23AA4082DC9E}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe () [File not signed]
FirewallRules: [{4C7A863F-A915-46F1-8297-1901B01BB32D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe No File
FirewallRules: [{C2DF6156-3F01-4166-809C-715630422A70}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe No File
FirewallRules: [{F560C31E-876E-49B1-BCD7-BBE475BFE3BD}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{A7668B4B-5B99-4971-B316-E78DCAD13A38}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe No File
FirewallRules: [TCP Query User{F665B926-8D76-4AA4-AB8B-76494A1D726B}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{4940C6B8-2333-4D23-A45E-F8A9A742346C}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{327B901E-13F9-432E-9ED5-F7EBF7DF9717}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{D97B37F5-E029-47F5-A05A-451C910EA81C}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{0742B366-DEBD-44AB-A9C6-4AC233B5A50A}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{3532B99B-941C-4A90-9511-E802EAEEE8BE}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{9432D66E-347F-47AA-8488-D8F01CB172D8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{321854C9-BFDA-4C42-92B7-0E9FE2DEF21A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{256484BF-CD3A-4FE0-AEFF-FB090816854B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1C4DE09A-94B3-4404-BB95-04AC0314DB91}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3CC7DF89-1655-444B-A5F9-15CA493507C3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FACBEA27-3AE6-4D59-A1EE-FF034E9E518C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{398553B9-CFE3-44D4-8E1F-DB77963798C3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8FAEE703-8EC1-44A7-8E92-38CCC4054BE4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:118.29 GB) (Free:26.22 GB) (22%)
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Multimediální adaptér
Description: Multimediální adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Multimediální video adaptér
Description: Multimediální video adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Multimediální adaptér
Description: Multimediální adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Multimediální adaptér
Description: Multimediální adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/31/2019 11:08:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Resolve.exe, verze: 16.0.0.50, časové razítko: 0x5d38071e
Název chybujícího modulu: pthreadVC2.dll, verze: 2.9.1.0, časové razítko: 0x58255014
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000045df
ID chybujícího procesu: 0x31a4
Čas spuštění chybující aplikace: 0x01d547e3d1dc69f9
Cesta k chybující aplikaci: C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe
Cesta k chybujícímu modulu: C:\Program Files\Blackmagic Design\DaVinci Resolve\pthreadVC2.dll
ID zprávy: 9ef05bbd-fdb2-49b0-8df9-6d4f865cf32c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/30/2019 10:13:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: VcbiIfyEmIbNlHD.exe, verze: 1.0.1098.31, časové razítko: 0x5d40933a
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000e
ID chybujícího procesu: 0x37a8
Čas spuštění chybující aplikace: 0x01d547097de2d999
Cesta k chybující aplikaci: C:\Users\Roman\AppData\Local\Temp\is-BA0FV.tmp\VcbiIfyEmIbNlHD.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 27d46cb2-332f-43ce-bc7e-2026d0d6c833
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/30/2019 10:13:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: VcbiIfyEmIbNlHD.exe, verze: 1.0.1098.31, časové razítko: 0x5d40933a
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000e
ID chybujícího procesu: 0x37a8
Čas spuštění chybující aplikace: 0x01d547097de2d999
Cesta k chybující aplikaci: C:\Users\Roman\AppData\Local\Temp\is-BA0FV.tmp\VcbiIfyEmIbNlHD.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: b8de3103-9bf7-4288-91ef-559c79ffb30f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/30/2019 09:43:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: VcbiIfyEmIbNlHD.exe, verze: 1.0.1098.31, časové razítko: 0x5d40933a
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000e
ID chybujícího procesu: 0x37a8
Čas spuštění chybující aplikace: 0x01d547097de2d999
Cesta k chybující aplikaci: C:\Users\Roman\AppData\Local\Temp\is-BA0FV.tmp\VcbiIfyEmIbNlHD.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: a0ecd87c-91a6-4468-87d1-605955f7d5a8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/30/2019 09:43:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: VcbiIfyEmIbNlHD.exe, verze: 1.0.1098.31, časové razítko: 0x5d40933a
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000e
ID chybujícího procesu: 0x37a8
Čas spuštění chybující aplikace: 0x01d547097de2d999
Cesta k chybující aplikaci: C:\Users\Roman\AppData\Local\Temp\is-BA0FV.tmp\VcbiIfyEmIbNlHD.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 3d4d1bee-a78d-444d-bb8f-f5eb0c6bb933
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/30/2019 09:23:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: VcbiIfyEmIbNlHD.exe, verze: 1.0.1098.31, časové razítko: 0x5d40933a
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000e
ID chybujícího procesu: 0x37a8
Čas spuštění chybující aplikace: 0x01d547097de2d999
Cesta k chybující aplikaci: C:\Users\Roman\AppData\Local\Temp\is-BA0FV.tmp\VcbiIfyEmIbNlHD.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: ee31202e-deac-4e72-8480-4b398888b58a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/30/2019 09:23:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: VcbiIfyEmIbNlHD.exe, verze: 1.0.1098.31, časové razítko: 0x5d40933a
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000e
ID chybujícího procesu: 0x37a8
Čas spuštění chybující aplikace: 0x01d547097de2d999
Cesta k chybující aplikaci: C:\Users\Roman\AppData\Local\Temp\is-BA0FV.tmp\VcbiIfyEmIbNlHD.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 75e3b80b-6d3f-4c5d-afde-986dac8938ef
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/30/2019 09:23:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: VcbiIfyEmIbNlHD.exe, verze: 1.0.1098.31, časové razítko: 0x5d40933a
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000e
ID chybujícího procesu: 0x37a8
Čas spuštění chybující aplikace: 0x01d547097de2d999
Cesta k chybující aplikaci: C:\Users\Roman\AppData\Local\Temp\is-BA0FV.tmp\VcbiIfyEmIbNlHD.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 7f6f0d21-6f0f-421d-97f1-4ad0625e5bef
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (08/02/2019 08:39:24 PM) (Source: DCOM) (EventID: 10016) (User: ROMANPCSTOLNI)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli ROMANPCSTOLNI\Roman (SID: S-1-5-21-2651452621-253113433-2049451952-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (08/02/2019 08:31:53 PM) (Source: DCOM) (EventID: 10016) (User: ROMANPCSTOLNI)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli ROMANPCSTOLNI\Roman (SID: S-1-5-21-2651452621-253113433-2049451952-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (07/31/2019 11:14:32 PM) (Source: DCOM) (EventID: 10001) (User: ROMANPCSTOLNI)
Description: Nelze spustit server DCOM: Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
298
při provádění příkazu:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
Error: (07/31/2019 11:14:32 PM) (Source: DCOM) (EventID: 10010) (User: ROMANPCSTOLNI)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy!App.AppX447jn8wbjb1qsw3jxkndb19cwgsrtrkk.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/31/2019 11:13:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_845b669 byla neočekávaně ukončena. Tento stav nastal již 10krát.
Error: (07/31/2019 11:13:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_845b669 byla neočekávaně ukončena. Tento stav nastal již 9krát.
Error: (07/31/2019 11:12:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_845b669 byla neočekávaně ukončena. Tento stav nastal již 8krát.
Error: (07/31/2019 11:12:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_845b669 byla neočekávaně ukončena. Tento stav nastal již 7krát.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1702 05/21/2010
Motherboard: ASUSTeK Computer INC. P7P55D
Processor: Intel(R) Core(TM) i3 CPU 530 @ 2.93GHz
Percentage of memory in use: 78%
Total physical RAM: 4094.05 MB
Available physical RAM: 863.17 MB
Total Virtual: 7166.05 MB
Available Virtual: 2168.85 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:118.29 GB) (Free:26.23 GB) NTFS
Drive d: (600GB) (Fixed) (Total:596.16 GB) (Free:291.2 GB) NTFS
Drive i: (WD 2TB) (Fixed) (Total:1863.01 GB) (Free:623.4 GB) NTFS
Drive j: (ESD-ISO) (CDROM) (Total:5.37 GB) (Free:0 GB) UDF
Drive n: () (Removable) (Total:29.27 GB) (Free:20.61 GB) FAT32
\\?\Volume{3529ca86-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{3529ca86-0000-0000-0000-00b21d000000}\ () (Fixed) (Total:0.46 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 6 (Protective MBR) (Size: 29.3 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-07-2019
Ran by Roman (administrator) on ROMANPCSTOLNI (02-08-2019 20:41:56)
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman & postgres (Available Profiles: Roman & postgres)
Platform: Windows 10 Pro Version 1803 17134.885 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.50.38.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Abstradrome -> ) C:\Program Files (x86)\HDD Regenerator\HDD Regenerator.exe
(Abstradrome -> ) C:\Program Files (x86)\HDD Regenerator\HDD Regenerator.exe
(Abstradrome -> ) C:\Program Files (x86)\HDD Regenerator\hrsrv.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(LLC Mail.Ru -> Mail.Ru) C:\Program Files (x86)\Mail.Ru\MailRuUpdater\MailRuUpdater.exe
(LLC Mail.Ru -> Mail.Ru) C:\Program Files (x86)\Mail.Ru\Update Service\mrupdsrv.exe
(LLC Mail.Ru -> Mail.Ru) C:\Users\Roman\AppData\Local\Mail.Ru\MailRuUpdater.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.ELSAWINDB\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Roman\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.50.38.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.881_none_eada7c8e1d8131a8\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.99\opera_crashreporter.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PacketVideo Corporation -> ) [File not signed] C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
(PacketVideo Corporation -> PacketVideo) [File not signed] C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
(PacketVideo Corporation -> PacketVideo) [File not signed] C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\pg_ctl.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(Realtek Semiconductor Corp -> Realtek) C:\Program Files (x86)\NETIS\USB Wireless LAN Utility\RtlService.exe
(Volkswagen AG) [File not signed] D:\ElsaWin\bin\LcSvrAdm.exe
(Volkswagen AG) [File not signed] D:\ElsaWin\bin\LcSvrAuf.exe
(Volkswagen AG) [File not signed] D:\ElsaWin\bin\LcSvrDba.exe
(Volkswagen AG) [File not signed] D:\ElsaWin\bin\LcSvrHis.exe
(Volkswagen AG) [File not signed] D:\ElsaWin\bin\LcSvrPas.exe
(Volkswagen AG) [File not signed] D:\ElsaWin\bin\LcSvrSaz.exe
(WZTeam -> MSFree Inc.) [File not signed] C:\ProgramData\KMSAutoS\bin\KMSSS.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [262024 2019-06-18] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4047480 2012-11-30] (VIA Technologies Inc. -> VIA)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [706392 2017-12-19] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2013-12-05] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [HDD Regenerator] => C:\Program Files (x86)\HDD Regenerator\Shell.exe [90336 2013-05-08] (Abstradrome -> )
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4047480 2012-11-30] (VIA Technologies Inc. -> VIA)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) [File not signed]
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2651452621-253113433-2049451952-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [5263040 2018-01-12] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-2651452621-253113433-2049451952-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-2651452621-253113433-2049451952-1001\...\Run: [GoogleDriveSync] => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-2651452621-253113433-2049451952-1001\...\Run: [Xvid] => WScript "C:\Program Files (x86)\Xvid\CheckUpdateLauncher.vbs" "C:\Program Files (x86)\Xvid\CheckUpdate.ps1"
HKU\S-1-5-21-2651452621-253113433-2049451952-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-2651452621-253113433-2049451952-1001\...\Run: [MailRuUpdater] => C:\Users\Roman\AppData\Local\Mail.Ru\MailRuUpdater.exe [3532472 2019-07-30] (LLC Mail.Ru -> Mail.Ru) <==== ATTENTION
HKU\S-1-5-21-2651452621-253113433-2049451952-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2651452621-253113433-2049451952-1001\...\MountPoints2: {04a3cb45-021c-11e8-877d-20cf3019fea6} - "J:\setup.exe"
HKU\S-1-5-21-2651452621-253113433-2049451952-1006\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.XVID] => C:\WINDOWS\system32\xvidvfw.dll [251392 2017-12-08] () [File not signed]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [235520 2017-12-08] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-23] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Twonky Server.lnk [2019-03-27]
ShortcutTarget: Twonky Server.lnk -> C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (PacketVideo Corporation -> PacketVideo) [File not signed]
Startup: C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar587.lnk [2018-05-15]
ShortcutTarget: Sidebar587.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {39A1B2C2-DDCF-426D-8EEC-E62B0ABB8295} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6450840 2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {3CA61047-2D9E-4161-835D-EF9C4F1F4B0E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {426C0F95-27F3-42A6-B615-719F81314AEE} - System32\Tasks\MailRuUpdater => C:\Users\Roman\AppData\Local\Mail.Ru\MailRuUpdater.exe [3532472 2019-07-30] (LLC Mail.Ru -> Mail.Ru) <==== ATTENTION
Task: {47BF93D7-FAF3-4CD4-8B3D-9175F322B29D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [154072 2019-07-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {61522D01-834A-4E85-961E-D3A815F0B343} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {61995F13-8F55-40BA-83CA-69123EEF307E} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-76OS37T-Roman => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {6C3CA610-B5B9-4E37-8DA6-1607BB3AB458} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-01-26] (Google Inc -> Google Inc.)
Task: {6E03FD6F-9708-43B2-9A47-77374A54316F} - System32\Tasks\Opera scheduled Autoupdate 1518342991 => C:\Program Files\Opera\launcher.exe [1519640 2019-07-24] (Opera Software AS -> Opera Software)
Task: {6F76F035-4E18-4C13-BBC2-3DCDFE2E5244} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2047368 2019-07-30] (AVAST Software s.r.o. -> AVAST Software)
Task: {80F00345-548D-409F-B300-96589FCF79B5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-10] (Adobe Inc. -> Adobe)
Task: {884AAB95-0C62-4AD5-83C5-D96BC1121070} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3940232 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {8AD2E2AF-4285-4714-8AB7-7F0CB71A5312} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-01-26] (Google Inc -> Google Inc.)
Task: {94A07625-4349-40A8-9606-2FEDDDB65AC3} - System32\Tasks\simplitec Power Suite => C:\Program Files (x86)\Nero\Nero TuneItUp\TuneItUp.exe [1750488 2018-07-19] (Nero AG -> Nero AG)
Task: {A7FB8686-81A4-42E3-BFE8-B12F25CA0357} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [7018264 2018-07-18] (Nero AG -> Nero AG)
Task: {BECD1FF9-6CF0-404C-B3AD-1AEC1A94B094} - System32\Tasks\ASUS Patch for VIA Audio => C:\WINDOWS\system32\AsPatchViaAudio.exe [160448 2012-11-07] (ASUSTeK Computer Inc. -> ASUSTek Computer INC.)
Task: {C0D6E8C7-768D-4193-B4EC-9DA086DDAF9B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [154072 2019-07-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {C273A340-146C-4303-A266-7D6F0ABD0413} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2651452621-253113433-2049451952-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [22016 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
Task: {CBB07E27-6441-44DE-9A10-7433208B0FD7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6450840 2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {CFDA9104-5DF4-49F3-AABC-593FD3DE0B0B} - System32\Tasks\AdobeGCInvoker-1.0-ROMANPCSTOLNI-Roman => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {D9774324-F193-4B35-8129-25BDC46413C0} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [8767160 2016-12-17] (WZTeam -> MSFree Inc.) [File not signed]
Task: {DFD2A452-FDD9-4591-8BE8-7444741ECAA4} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-10] (Adobe Inc. -> Adobe)
Task: {E705FDB6-1FCA-4863-841E-AF8F54867D7D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2206352 2019-07-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {EEF74FC1-54DC-4E27-BF57-51F9E047085C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27351864 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {F00FE203-686D-422F-8506-B42D538EC072} - System32\Tasks\simplitec Power Suite (Autopilot.exe) => C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe [1058776 2018-07-19] (Nero AG -> Nero AG)
Task: {F1F631A4-3C66-4D11-B72E-B4B8DDFCFFDE} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2206352 2019-07-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {F53EF18F-6E92-45DB-A229-8EF4D1BD3987} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {FE4322F1-E0D4-462C-B39A-E670619F1C3B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27351864 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\simplitec Power Suite (Autopilot.exe).job => C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe C:\Program Files (x86)\Nero\Nero TuneItUp\ROMANPCSTOLNI\Roman&simplitec Power Suite (Autopilot.exe
Task: C:\WINDOWS\Tasks\simplitec Power Suite.job => C:\Program Files (x86)\Nero\Nero TuneItUp\TuneItUp.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{09273f41-5daf-4fb2-a764-3fb9b3244b5f}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{75da9a98-fb9f-4c42-9b11-64868e5fca1b}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Internet Explorer:
==================
HKU\S-1-5-21-2651452621-253113433-2049451952-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mail.ru/cnt/10445?gp=834423
SearchScopes: HKU\S-1-5-21-2651452621-253113433-2049451952-1001 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxps://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B03C78D3A-BDA3-4F33-82F9-D82D07BE0DC0%7D&gp=811610
SearchScopes: HKU\S-1-5-21-2651452621-253113433-2049451952-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxps://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B03C78D3A-BDA3-4F33-82F9-D82D07BE0DC0%7D&gp=811610
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-07-23] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-03-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll [2019-04-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Search@Mail.Ru -> {8E8F97CD-60B5-456F-A201-73065652D099} -> C:\Users\Roman\AppData\Local\Mail.Ru\Sputnik\ie_addon_dll.dll [2019-07-30] (LLC Mail.Ru -> Mail.Ru)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-07-23] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-04-23] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: vw-wi - {0F3C833F-FB28-40EA-8CB9-6A55B996C3F6} - D:\ElsaWin\bin\wiprot.dll [2011-12-06] (TODO: <Company name>) [File not signed]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-07-23]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-04-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-04-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-03-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxps://inline.go.mail.ru/homepage?inline_comp=chxtnhp15.1.4.3&inline_hp_cnt=31463255
CHR StartupUrls: Default -> "hxxps://mail.ru/cnt/10445?gp=811610"
CHR NewTab: Default -> "chrome-extension://hjdkfkdkokphfploiiddakjokndinfgb/visual-bookmarks.html"
CHR DefaultSearchURL: Default -> hxxps://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B6B9843D5-779E-41FF-9F53-BD2007A5A05C%7D&gp=811610
CHR DefaultSearchKeyword: Default -> go.mail.ru
CHR DefaultSuggestURL: Default -> hxxps://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Profile: C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default [2019-07-30]
CHR Extension: (Slides) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-07]
CHR Extension: (Docs) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-07]
CHR Extension: (Google Drive) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-07]
CHR Extension: (YouTube) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-07]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-03-24]
CHR Extension: (Sheets) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-07]
CHR Extension: (YouTube Flash Video Player) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\fldkdmkgnlbehfgeifjpjabmandnchpe [2018-02-11]
CHR Extension: (Google Docs Offline) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-17]
CHR Extension: (Avast Online Security) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-03-24]
CHR Extension: (Визуальные закладки) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjdkfkdkokphfploiiddakjokndinfgb [2019-07-30]
CHR Extension: (Домашняя страница и поиск от Mail.Ru) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\iepoegkaoeljnbhagabakjodgpfniimo [2019-07-30]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-02-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-17]
CHR Extension: (Gmail) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-07]
CHR Extension: (Chrome Media Router) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-24]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2651452621-253113433-2049451952-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hjdkfkdkokphfploiiddakjokndinfgb] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iepoegkaoeljnbhagabakjodgpfniimo] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (Google Translate) - C:\Users\Roman\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2019-07-30]
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\Roman\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2019-08-02]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1364904 2017-12-19] (Autodesk, Inc. -> Autodesk Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [238080 2015-01-13] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6844776 2019-06-18] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [409224 2019-06-18] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-06-18] (AVAST Software s.r.o. -> AVAST Software)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11469920 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3480768 2018-01-12] (Disc Soft Ltd -> Disc Soft Ltd)
R2 hddrsrv; C:\Program Files (x86)\HDD Regenerator\hrsrv.exe [82144 2013-05-08] (Abstradrome -> )
R2 KMSEmulator; C:\ProgramData\KMSAutoS\bin\KMSSS.exe [35504 2016-11-05] (WZTeam -> MSFree Inc.) [File not signed]
R2 LcSvrAdm; D:\ElsaWin\bin\LcSvrAdm.exe [262656 2017-03-14] (Volkswagen AG) [File not signed]
R3 LcSvrAuf; D:\ElsaWin\bin\LcSvrAuf.exe [1352704 2017-03-14] (Volkswagen AG) [File not signed]
R2 LcSvrDba; D:\ElsaWin\bin\LcSvrDba.exe [435712 2017-03-14] (Volkswagen AG) [File not signed]
R2 LcSvrHis; D:\ElsaWin\bin\LcSvrHis.exe [387072 2017-03-14] (Volkswagen AG) [File not signed]
R2 LcSvrPAS; D:\ElsaWin\bin\LcSvrPas.exe [519680 2017-03-14] (Volkswagen AG) [File not signed]
R2 LcSvrSaz; D:\ElsaWin\bin\LcSvrSaz.exe [438784 2017-03-14] (Volkswagen AG) [File not signed]
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899264 2019-07-23] (McAfee, LLC -> McAfee, Inc.)
R2 mrupdsrv; C:\Program Files (x86)\Mail.Ru\Update Service\mrupdsrv.exe [1314008 2019-07-30] (LLC Mail.Ru -> Mail.Ru) <==== ATTENTION
R2 MSSQL$ELSAWINDB; C:\Program Files\Microsoft SQL Server\MSSQL10_50.ELSAWINDB\MSSQL\Binn\sqlservr.exe [62218696 2012-06-29] (Microsoft Corporation -> Microsoft Corporation)
R2 RealtekWlanU; C:\Program Files (x86)\NETIS\USB Wireless LAN Utility\RtlService.exe [48856 2014-10-09] (Realtek Semiconductor Corp -> Realtek)
S2 RTLDHCPService; C:\Program Files (x86)\NETIS\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-10-09] (Realtek Semiconductor Corp -> Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-15] (Realtek Semiconductor Corp -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5073792 2019-07-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SQLAgent$ELSAWINDB; C:\Program Files\Microsoft SQL Server\MSSQL10_50.ELSAWINDB\MSSQL\Binn\SQLAGENT.EXE [441288 2012-06-29] (Microsoft Corporation -> Microsoft Corporation)
R2 TwonkyServer; C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe [629624 2014-05-12] (PacketVideo Corporation -> PacketVideo) [File not signed]
R2 Updater.Mail.Ru; C:\Program Files (x86)\Mail.Ru\MailRuUpdater\MailRuUpdater.exe [3532472 2019-07-30] (LLC Mail.Ru -> Mail.Ru) <==== ATTENTION
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
R2 postgresql-x64-9.2; C:/Program Files/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N "postgresql-x64-9.2" -D "C:/Program Files/PostgreSQL/9.2/data" -w [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [11922944 2015-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [359936 2015-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37320 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [209256 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [263224 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [206056 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61688 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-17] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [279336 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42504 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88160 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030784 2019-07-31] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [477288 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [387896 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [59904 2015-01-26] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dmvsc; C:\WINDOWS\System32\drivers\dmvsc.sys [47104 2018-04-12] (Microsoft Windows -> Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-01-26] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-01-26] (Disc Soft Ltd -> Disc Soft Ltd)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation -> Corel Corporation)
S4 RsFx0153; C:\WINDOWS\System32\DRIVERS\RsFx0153.sys [321992 2012-06-29] (Microsoft Corporation -> Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [196152 2018-01-26] (Disc Soft Ltd -> Duplex Secure Ltd)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [44544 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R2 aswMonFlt; system32\drivers\aswMonFlt.sys [X]
R2 aswStm; system32\drivers\aswStm.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-08-02 20:41 - 2019-08-02 20:43 - 000041242 ____C C:\Users\Roman\Desktop\FRST.txt
2019-08-02 20:40 - 2019-08-02 20:41 - 000000000 ___DC C:\Users\Roman\Desktop\VIRYCZ
2019-08-02 20:40 - 2019-08-02 20:40 - 002096128 ____C (Farbar) C:\Users\Roman\Desktop\FRST64.exe
2019-07-31 23:10 - 2019-07-31 23:10 - 000000000 ___DC C:\Users\Roman\Documents\Blackmagic Design
2019-07-31 23:10 - 2019-07-31 23:10 - 000000000 ____D C:\Users\Public\Documents\Blackmagic Design
2019-07-31 23:06 - 2019-07-31 23:06 - 000000000 ___DC C:\Users\Roman\AppData\Roaming\Blackmagic Design
2019-07-31 23:04 - 2019-07-31 23:04 - 000002012 ____C C:\Users\Roman\Desktop\DaVinci Resolve Project Server.lnk
2019-07-31 23:04 - 2019-07-31 23:04 - 000001992 ____C C:\Users\Roman\Desktop\Resolve.lnk
2019-07-31 23:03 - 2019-07-31 23:04 - 000000000 ___DC C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2019-07-31 23:03 - 2019-07-31 23:03 - 000000000 ____D C:\Program Files\Blackmagic Design
2019-07-31 22:56 - 2019-07-31 22:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2019-07-31 22:56 - 2019-07-31 22:56 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design
2019-07-31 22:45 - 2019-07-31 22:45 - 000000000 ____D C:\ProgramData\Blackmagic Design
2019-07-31 22:44 - 2019-07-31 22:44 - 000001914 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2019-07-31 22:44 - 2019-07-31 22:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2019-07-31 22:43 - 2019-07-31 22:44 - 000000000 ____D C:\Program Files (x86)\QuickTime
2019-07-31 22:43 - 2019-07-31 22:43 - 000000000 ___DC C:\Users\Roman\AppData\LocalLow\Apple Computer
2019-07-31 22:42 - 2019-07-31 22:42 - 000000020 ___SH C:\Users\postgres\ntuser.ini
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 _SHDL C:\Users\postgres\Šablony
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 _SHDL C:\Users\postgres\Soubory cookie
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 _SHDL C:\Users\postgres\Poslední
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 _SHDL C:\Users\postgres\Okolní tiskárny
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 _SHDL C:\Users\postgres\Okolní síť
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 _SHDL C:\Users\postgres\Nabídka Start
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 _SHDL C:\Users\postgres\Dokumenty
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 _SHDL C:\Users\postgres\Documents\Obrázky
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 _SHDL C:\Users\postgres\Documents\Hudba
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 _SHDL C:\Users\postgres\Documents\Filmy
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 _SHDL C:\Users\postgres\Data aplikací
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 _SHDL C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 _SHDL C:\Users\postgres\AppData\Local\Data aplikací
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 ____D C:\Users\postgres
2019-07-31 22:42 - 2019-07-31 22:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.2
2019-07-31 22:42 - 2018-04-12 01:34 - 000001105 _____ C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-31 22:40 - 2019-07-31 22:40 - 000000000 ____D C:\Program Files\PostgreSQL
2019-07-31 21:15 - 2019-07-31 21:15 - 000001139 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-07-31 19:20 - 2019-07-31 19:20 - 000000000 ___HD C:\$WINDOWS.~BT
2019-07-31 18:46 - 2019-07-31 21:14 - 000000000 ____D C:\ESD
2019-07-31 18:42 - 2019-07-31 18:42 - 019256968 ____C (Microsoft Corporation) C:\Users\Roman\Desktop\MediaCreationTool1903.exe
2019-07-31 18:42 - 2019-07-31 18:42 - 000000000 ___HD C:\$Windows.~WS
2019-07-31 18:38 - 2019-07-31 21:26 - 000000000 ___DC C:\Users\Roman\AppData\LocalLow\uTorrent
2019-07-30 21:22 - 2019-07-30 21:42 - 000000412 __RSH C:\ProgramData\ntuser.pol
2019-07-30 21:11 - 2019-07-31 21:24 - 000000000 ___DC C:\Users\Roman\AppData\Local\BitTorrentHelper
2019-07-30 21:07 - 2019-07-30 21:07 - 000000000 ___DC C:\Users\Roman\Desktop\Isoburner
2019-07-30 21:04 - 2019-07-31 23:14 - 000002260 _____ C:\WINDOWS\System32\Tasks\MailRuUpdater
2019-07-30 21:04 - 2019-07-30 21:04 - 000000000 ___DC C:\Users\Roman\AppData\Local\Mail.Ru
2019-07-30 21:04 - 2019-07-30 21:04 - 000000000 ____D C:\ProgramData\Mail.Ru
2019-07-30 21:04 - 2019-07-30 21:04 - 000000000 ____D C:\Program Files (x86)\Mail.Ru
2019-07-30 20:58 - 2019-07-30 20:59 - 000000000 ___DC C:\Users\Roman\Desktop\NERO 2019 crack
2019-07-30 20:53 - 2019-07-30 20:53 - 000000000 ___DC C:\Users\Roman\AppData\Local\Nero
2019-07-30 20:52 - 2019-07-31 23:14 - 000002526 _____ C:\WINDOWS\System32\Tasks\simplitec Power Suite (Autopilot.exe)
2019-07-30 20:52 - 2019-07-31 23:14 - 000000456 _____ C:\WINDOWS\Tasks\simplitec Power Suite (Autopilot.exe).job
2019-07-30 20:52 - 2019-07-30 20:52 - 000001402 _____ C:\Users\Public\Desktop\Nero Start.lnk
2019-07-30 20:52 - 2019-07-30 20:52 - 000000000 ___DC C:\Users\Roman\AppData\Local\NeroLauncher
2019-07-30 20:52 - 2019-07-30 20:52 - 000000000 ___DC C:\Users\Roman\AppData\Local\cache
2019-07-30 20:51 - 2019-07-31 23:14 - 000002546 _____ C:\WINDOWS\System32\Tasks\simplitec Power Suite
2019-07-30 20:51 - 2019-07-31 23:14 - 000000362 _____ C:\WINDOWS\Tasks\simplitec Power Suite.job
2019-07-30 20:51 - 2019-07-30 20:51 - 000001389 _____ C:\Users\Public\Desktop\1-Click Optimisation.lnk
2019-07-30 20:51 - 2019-07-30 20:51 - 000001343 _____ C:\Users\Public\Desktop\Nero TuneItUp.lnk
2019-07-30 20:51 - 2019-07-30 20:51 - 000000000 ____D C:\WINDOWS\System32\Tasks\Nero
2019-07-30 20:51 - 2019-07-30 20:51 - 000000000 ____D C:\ProgramData\simplitec
2019-07-30 20:51 - 2019-07-30 20:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\System optimization
2019-07-30 20:50 - 2019-07-30 20:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2019
2019-07-30 20:49 - 2019-07-30 20:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2019-07-30 20:49 - 2019-07-30 20:51 - 000000000 ____D C:\Program Files (x86)\Nero
2019-07-30 20:48 - 2019-07-30 20:52 - 000000000 ____D C:\ProgramData\Nero
2019-07-30 20:46 - 2019-07-30 20:53 - 000000000 ___DC C:\Users\Roman\AppData\Roaming\Nero
2019-07-25 07:56 - 2019-07-25 08:49 - 000012518 ____C C:\Users\Roman\AppData\Roaming\SerialClonerPrefs
2019-07-25 07:38 - 2019-07-25 07:38 - 000001161 _____ C:\Users\Public\Desktop\Serial Cloner.lnk
2019-07-25 07:38 - 2019-07-25 07:38 - 000000000 ___DC C:\Users\Roman\AppData\Roaming\SerialCloner
2019-07-25 07:38 - 2019-07-25 07:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serial Cloner
2019-07-25 07:38 - 2019-07-25 07:38 - 000000000 ____D C:\Program Files (x86)\Serial Cloner
2019-07-25 07:37 - 2019-07-25 07:37 - 008114223 ____C (SerialBasics ) C:\Users\Roman\Desktop\SerialCloner2-6_Install.exe
2019-07-25 07:34 - 2019-07-31 18:38 - 000168896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw3709ac2f23d807e5.tmp
2019-07-25 07:34 - 2019-07-25 07:33 - 000363400 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-07-25 07:34 - 2019-07-25 07:33 - 000225816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw421fb86429ef4487.tmp
2019-07-23 21:00 - 2019-07-23 21:00 - 000002690 ____C C:\Users\Roman\Desktop\1click.cmd
2019-07-23 19:21 - 2019-07-29 19:24 - 000212992 _____ C:\WINDOWS\system32\ClickToRun_Pipeline16
2019-07-23 08:26 - 2019-07-23 08:26 - 000001107 _____ C:\Users\Public\Desktop\Prohlížeč Opera.lnk
2019-07-12 13:41 - 2019-07-12 13:50 - 000035088 ____C C:\Users\Roman\Desktop\Pizza_pec_stůl.bak
2019-07-12 13:34 - 2019-07-12 18:15 - 000000206 ___HC C:\Users\Roman\Desktop\Pizza_pec_stůl.dwl2
2019-07-12 13:34 - 2019-07-12 18:15 - 000000054 ___HC C:\Users\Roman\Desktop\Pizza_pec_stůl.dwl
2019-07-10 08:18 - 2019-07-04 11:21 - 008627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-07-10 08:18 - 2019-07-04 10:56 - 001453416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-07-10 08:18 - 2019-07-04 10:54 - 000662352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-07-10 08:18 - 2019-07-04 10:41 - 007990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-07-10 08:18 - 2019-07-04 10:37 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-07-10 08:18 - 2019-07-04 06:58 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-07-10 08:18 - 2019-07-04 06:57 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-07-10 08:18 - 2019-07-04 06:56 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-07-10 08:18 - 2019-07-04 06:42 - 002479176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-07-10 08:18 - 2019-07-04 06:42 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-07-10 08:18 - 2019-07-04 06:42 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-07-10 08:18 - 2019-07-04 06:42 - 000573808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-07-10 08:18 - 2019-07-04 06:41 - 000559328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-07-10 08:18 - 2019-07-04 06:25 - 004861440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-07-10 08:18 - 2019-07-04 06:24 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-07-10 08:18 - 2019-07-04 06:22 - 003707904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-07-10 08:18 - 2019-07-04 06:22 - 001561088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-07-10 08:18 - 2019-07-04 06:22 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-07-10 08:18 - 2019-07-04 06:22 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-07-10 08:18 - 2019-07-04 06:21 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-07-10 08:18 - 2019-07-04 06:20 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-07-10 08:18 - 2019-07-04 06:18 - 001076224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-07-10 08:18 - 2019-07-04 06:17 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-07-10 08:18 - 2019-06-13 13:37 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2019-07-10 08:18 - 2019-06-13 13:36 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2019-07-10 08:18 - 2019-06-13 13:35 - 001376688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-07-10 08:18 - 2019-06-13 13:34 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-07-10 08:18 - 2019-06-13 13:17 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-07-10 08:18 - 2019-06-13 13:17 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-07-10 08:18 - 2019-06-13 13:15 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-07-10 08:18 - 2019-06-13 13:13 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2019-07-10 08:18 - 2019-06-13 12:07 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-07-10 08:18 - 2019-06-13 12:07 - 000221232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-07-10 08:18 - 2019-06-13 11:54 - 011942912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-07-10 08:18 - 2019-06-13 11:53 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-07-10 08:18 - 2019-06-13 08:44 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-07-10 08:18 - 2019-06-13 08:16 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-07-10 08:18 - 2019-06-13 08:14 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-07-10 08:18 - 2019-06-13 08:12 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-07-10 08:18 - 2019-06-13 08:11 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-07-10 08:18 - 2019-06-13 07:07 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-07-10 08:18 - 2019-06-13 06:47 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-07-10 08:18 - 2019-06-13 06:46 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-07-10 08:18 - 2019-06-13 06:46 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-07-10 08:18 - 2019-06-13 06:45 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-07-10 08:18 - 2019-06-13 06:44 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-07-10 08:18 - 2019-06-13 06:44 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-07-10 08:18 - 2019-06-13 06:44 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-07-10 08:18 - 2019-06-13 06:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-07-10 08:17 - 2019-07-04 11:45 - 001786680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-07-10 08:17 - 2019-07-04 11:43 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-07-10 08:17 - 2019-07-04 11:41 - 000304144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-07-10 08:17 - 2019-07-04 11:40 - 021390504 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-07-10 08:17 - 2019-07-04 11:40 - 001631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-07-10 08:17 - 2019-07-04 11:40 - 001616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-07-10 08:17 - 2019-07-04 11:40 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-07-10 08:17 - 2019-07-04 11:22 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-07-10 08:17 - 2019-07-04 11:22 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-07-10 08:17 - 2019-07-04 11:20 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-07-10 08:17 - 2019-07-04 11:19 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-07-10 08:17 - 2019-07-04 11:18 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-07-10 08:17 - 2019-07-04 11:18 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-07-10 08:17 - 2019-07-04 10:51 - 020384128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-07-10 08:17 - 2019-07-04 10:36 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-07-10 08:17 - 2019-07-04 07:00 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-07-10 08:17 - 2019-07-04 06:58 - 001328440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-07-10 08:17 - 2019-07-04 06:58 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-07-10 08:17 - 2019-07-04 06:58 - 000416312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-07-10 08:17 - 2019-07-04 06:57 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-07-10 08:17 - 2019-07-04 06:57 - 000986128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-07-10 08:17 - 2019-07-04 06:57 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-07-10 08:17 - 2019-07-04 06:57 - 000723728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-07-10 08:17 - 2019-07-04 06:57 - 000708696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-07-10 08:17 - 2019-07-04 06:57 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-07-10 08:17 - 2019-07-04 06:57 - 000362264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-07-10 08:17 - 2019-07-04 06:57 - 000209424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-07-10 08:17 - 2019-07-04 06:57 - 000194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-07-10 08:17 - 2019-07-04 06:57 - 000137656 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-07-10 08:17 - 2019-07-04 06:57 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-07-10 08:17 - 2019-07-04 06:57 - 000091776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-07-10 08:17 - 2019-07-04 06:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-07-10 08:17 - 2019-07-04 06:56 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-07-10 08:17 - 2019-07-04 06:56 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-07-10 08:17 - 2019-07-04 06:56 - 002810680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-07-10 08:17 - 2019-07-04 06:56 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-07-10 08:17 - 2019-07-04 06:56 - 001566520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-07-10 08:17 - 2019-07-04 06:56 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-07-10 08:17 - 2019-07-04 06:56 - 001260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-07-10 08:17 - 2019-07-04 06:56 - 001141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-07-10 08:17 - 2019-07-04 06:56 - 000983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-07-10 08:17 - 2019-07-04 06:56 - 000767536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-07-10 08:17 - 2019-07-04 06:56 - 000734952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-07-10 08:17 - 2019-07-04 06:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-07-10 08:17 - 2019-07-04 06:56 - 000493752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-07-10 08:17 - 2019-07-04 06:56 - 000115512 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-07-10 08:17 - 2019-07-04 06:43 - 000832016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-07-10 08:17 - 2019-07-04 06:43 - 000665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-07-10 08:17 - 2019-07-04 06:43 - 000328696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-07-10 08:17 - 2019-07-04 06:43 - 000287376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-10 08:17 - 2019-07-04 06:43 - 000191800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-07-10 08:17 - 2019-07-04 06:42 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-10 08:17 - 2019-07-04 06:42 - 006044008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-07-10 08:17 - 2019-07-04 06:42 - 000356312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-07-10 08:17 - 2019-07-04 06:42 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-07-10 08:17 - 2019-07-04 06:37 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-07-10 08:17 - 2019-07-04 06:33 - 022017536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-07-10 08:17 - 2019-07-04 06:29 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-07-10 08:17 - 2019-07-04 06:26 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-07-10 08:17 - 2019-07-04 06:26 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-07-10 08:17 - 2019-07-04 06:26 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-07-10 08:17 - 2019-07-04 06:25 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-07-10 08:17 - 2019-07-04 06:25 - 007589888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-07-10 08:17 - 2019-07-04 06:25 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-07-10 08:17 - 2019-07-04 06:25 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-07-10 08:17 - 2019-07-04 06:25 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-07-10 08:17 - 2019-07-04 06:24 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-07-10 08:17 - 2019-07-04 06:24 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-07-10 08:17 - 2019-07-04 06:24 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-07-10 08:17 - 2019-07-04 06:23 - 001765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-07-10 08:17 - 2019-07-04 06:23 - 001217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-07-10 08:17 - 2019-07-04 06:23 - 000786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-07-10 08:17 - 2019-07-04 06:22 - 002587648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-07-10 08:17 - 2019-07-04 06:22 - 002176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-07-10 08:17 - 2019-07-04 06:22 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-07-10 08:17 - 2019-07-04 06:22 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-07-10 08:17 - 2019-07-04 06:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-07-10 08:17 - 2019-07-04 06:21 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-07-10 08:17 - 2019-07-04 06:21 - 003202560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-07-10 08:17 - 2019-07-04 06:21 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-07-10 08:17 - 2019-07-04 06:21 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-07-10 08:17 - 2019-07-04 06:21 - 001220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-07-10 08:17 - 2019-07-04 06:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-07-10 08:17 - 2019-07-04 06:21 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-07-10 08:17 - 2019-07-04 06:21 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-07-10 08:17 - 2019-07-04 06:20 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-07-10 08:17 - 2019-07-04 06:20 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-07-10 08:17 - 2019-07-04 06:20 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-07-10 08:17 - 2019-07-04 06:19 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-07-10 08:17 - 2019-07-04 06:19 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-07-10 08:17 - 2019-07-04 06:18 - 002602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-07-10 08:17 - 2019-07-04 06:18 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-07-10 08:17 - 2019-07-04 06:18 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-07-10 08:17 - 2019-07-04 06:18 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-07-10 08:17 - 2019-07-04 05:01 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-07-10 08:17 - 2019-06-21 10:50 - 000280584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-07-10 08:17 - 2019-06-13 14:15 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-07-10 08:17 - 2019-06-13 14:12 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-07-10 08:17 - 2019-06-13 14:05 - 000810296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-07-10 08:17 - 2019-06-13 14:04 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-07-10 08:17 - 2019-06-13 14:00 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-07-10 08:17 - 2019-06-13 13:59 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-07-10 08:17 - 2019-06-13 13:58 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-07-10 08:17 - 2019-06-13 13:58 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-07-10 08:17 - 2019-06-13 13:56 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-07-10 08:17 - 2019-06-13 13:43 - 001427984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-07-10 08:17 - 2019-06-13 13:43 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-07-10 08:17 - 2019-06-13 13:42 - 004038688 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-07-10 08:17 - 2019-06-13 13:42 - 002266936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-07-10 08:17 - 2019-06-13 13:42 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-07-10 08:17 - 2019-06-13 13:42 - 000566536 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-07-10 08:17 - 2019-06-13 13:41 - 001626936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-07-10 08:17 - 2019-06-13 13:41 - 000830264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-07-10 08:17 - 2019-06-13 13:41 - 000825144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-07-10 08:17 - 2019-06-13 13:41 - 000670008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-07-10 08:17 - 2019-06-13 13:40 - 000749880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-07-10 08:17 - 2019-06-13 13:40 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-07-10 08:17 - 2019-06-13 13:40 - 000495416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-07-10 08:17 - 2019-06-13 13:38 - 000766264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-07-10 08:17 - 2019-06-13 13:36 - 000251000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-07-10 08:17 - 2019-06-13 13:18 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-07-10 08:17 - 2019-06-13 13:18 - 004847104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-07-10 08:17 - 2019-06-13 13:17 - 012756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-07-10 08:17 - 2019-06-13 13:17 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-07-10 08:17 - 2019-06-13 13:17 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-07-10 08:17 - 2019-06-13 13:16 - 000767488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-07-10 08:17 - 2019-06-13 13:15 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-07-10 08:17 - 2019-06-13 13:14 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-07-10 08:17 - 2019-06-13 13:14 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-07-10 08:17 - 2019-06-13 13:14 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-07-10 08:17 - 2019-06-13 13:14 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-07-10 08:17 - 2019-06-13 13:13 - 002920448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-07-10 08:17 - 2019-06-13 13:13 - 001339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-07-10 08:17 - 2019-06-13 13:13 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-07-10 08:17 - 2019-06-13 13:13 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-07-10 08:17 - 2019-06-13 13:12 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-07-10 08:17 - 2019-06-13 13:10 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-07-10 08:17 - 2019-06-13 12:11 - 001539896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-07-10 08:17 - 2019-06-13 12:07 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-07-10 08:17 - 2019-06-13 12:05 - 003700160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-07-10 08:17 - 2019-06-13 11:55 - 005657088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-07-10 08:17 - 2019-06-13 11:54 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2019-07-10 08:17 - 2019-06-13 11:51 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-07-10 08:17 - 2019-06-13 11:50 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-07-10 08:17 - 2019-06-13 11:49 - 002406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-07-10 08:17 - 2019-06-13 11:49 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-07-10 08:17 - 2019-06-13 09:48 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2019-07-10 08:17 - 2019-06-13 09:46 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-07-10 08:17 - 2019-06-13 09:01 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-07-10 08:17 - 2019-06-13 09:01 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-07-10 08:17 - 2019-06-13 09:01 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-07-10 08:17 - 2019-06-13 08:59 - 000785264 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-07-10 08:17 - 2019-06-13 08:47 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-07-10 08:17 - 2019-06-13 08:47 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-07-10 08:17 - 2019-06-13 08:46 - 001076536 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2019-07-10 08:17 - 2019-06-13 08:46 - 000510296 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-07-10 08:17 - 2019-06-13 08:46 - 000093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-07-10 08:17 - 2019-06-13 08:45 - 002421560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-07-10 08:17 - 2019-06-13 08:44 - 002769688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-07-10 08:17 - 2019-06-13 08:44 - 002546704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-07-10 08:17 - 2019-06-13 08:44 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-07-10 08:17 - 2019-06-13 08:44 - 001033696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-07-10 08:17 - 2019-06-13 08:44 - 000607112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2019-07-10 08:17 - 2019-06-13 08:44 - 000130624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-07-10 08:17 - 2019-06-13 08:17 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-07-10 08:17 - 2019-06-13 08:16 - 001626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-07-10 08:17 - 2019-06-13 08:15 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-07-10 08:17 - 2019-06-13 08:15 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-07-10 08:17 - 2019-06-13 08:15 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-07-10 08:17 - 2019-06-13 08:15 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-07-10 08:17 - 2019-06-13 08:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-07-10 08:17 - 2019-06-13 08:14 - 003318784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-07-10 08:17 - 2019-06-13 08:14 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-07-10 08:17 - 2019-06-13 08:14 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-07-10 08:17 - 2019-06-13 08:13 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-07-10 08:17 - 2019-06-13 08:13 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-07-10 08:17 - 2019-06-13 08:13 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-07-10 08:17 - 2019-06-13 08:13 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-07-10 08:17 - 2019-06-13 08:13 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-07-10 08:17 - 2019-06-13 08:12 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-07-10 08:17 - 2019-06-13 08:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-07-10 08:17 - 2019-06-13 08:12 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-07-10 08:17 - 2019-06-13 08:12 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-07-10 08:17 - 2019-06-13 08:12 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-07-10 08:17 - 2019-06-13 08:11 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-07-10 08:17 - 2019-06-13 08:11 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-07-10 08:17 - 2019-06-13 08:10 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-07-10 08:17 - 2019-06-13 08:10 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-07-10 08:17 - 2019-06-13 08:10 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-07-10 08:17 - 2019-06-13 08:10 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-07-10 08:17 - 2019-06-13 08:10 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-10 08:17 - 2019-06-13 08:10 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-07-10 08:17 - 2019-06-13 08:10 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-07-10 08:17 - 2019-06-13 08:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-07-10 08:17 - 2019-06-13 08:09 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-10 08:17 - 2019-06-13 08:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-07-10 08:17 - 2019-06-13 08:08 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-07-10 08:17 - 2019-06-13 07:14 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-07-10 08:17 - 2019-06-13 07:08 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-07-10 08:17 - 2019-06-13 07:07 - 000080744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-07-10 08:17 - 2019-06-13 07:06 - 002256768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-07-10 08:17 - 2019-06-13 07:06 - 001130776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-07-10 08:17 - 2019-06-13 07:06 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-07-10 08:17 - 2019-06-13 06:49 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-07-10 08:17 - 2019-06-13 06:47 - 003554304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2019-07-10 08:17 - 2019-06-13 06:47 - 002899456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-07-10 08:17 - 2019-06-13 06:46 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-07-10 08:17 - 2019-06-13 06:45 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-07-10 08:17 - 2019-06-13 06:44 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-07-10 08:17 - 2019-06-13 06:43 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-10 08:17 - 2019-06-13 06:43 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-10 08:17 - 2019-06-13 06:43 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-08-02 20:44 - 2018-05-06 06:52 - 000000000 ____D C:\ProgramData\TEMP
2019-08-02 20:41 - 2018-02-06 20:05 - 000000000 ____D C:\FRST
2019-08-02 20:37 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-02 20:37 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-02 20:35 - 2018-11-20 21:25 - 000000000 ____D C:\Program Files\rempl
2019-08-02 20:34 - 2019-03-27 15:30 - 000000000 ____D C:\ProgramData\TwonkyServer
2019-08-02 20:34 - 2018-05-15 21:45 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-08-02 20:31 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-02 20:31 - 2018-02-11 11:53 - 000000000 ___DC C:\Users\Roman\AppData\Roaming\Apple Computer
2019-07-31 23:14 - 2019-01-02 13:46 - 000002814 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-ROMANPCSTOLNI-Roman
2019-07-31 23:14 - 2018-11-24 21:14 - 000003108 _____ C:\WINDOWS\System32\Tasks\KMSAutoNet
2019-07-31 23:14 - 2018-08-25 18:20 - 000002628 _____ C:\WINDOWS\System32\Tasks\ASUS Patch for VIA Audio
2019-07-31 23:14 - 2018-05-15 21:45 - 000003828 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-07-31 23:14 - 2018-05-15 21:45 - 000003530 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-07-31 23:14 - 2018-05-15 21:45 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-07-31 23:14 - 2018-05-15 21:45 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-07-31 23:14 - 2018-05-15 21:45 - 000003302 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1518342991
2019-07-31 23:14 - 2018-05-15 21:45 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-07-31 23:14 - 2018-05-15 21:45 - 000002858 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2651452621-253113433-2049451952-1001
2019-07-31 23:14 - 2018-05-15 21:45 - 000002778 _____ C:\WINDOWS\System32\Tasks\AutoPico Daily Restart
2019-07-31 23:14 - 2018-05-15 21:45 - 000002726 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-76OS37T-Roman
2019-07-31 23:14 - 2018-05-15 21:45 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-07-31 23:05 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-07-31 22:46 - 2018-01-26 00:39 - 000000000 ___DC C:\Users\Roman\AppData\Roaming\vlc
2019-07-31 22:37 - 2018-05-15 21:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-31 21:26 - 2018-01-27 18:41 - 000000000 ___DC C:\Users\Roman\AppData\Roaming\uTorrent
2019-07-31 21:14 - 2018-05-14 09:48 - 000000000 ___DC C:\WINDOWS\Panther
2019-07-31 20:26 - 2018-05-15 21:37 - 000002404 ____C C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-31 20:26 - 2018-01-26 00:09 - 000000000 ___RD C:\Users\Roman\OneDrive
2019-07-31 18:48 - 2018-01-26 00:58 - 000000000 ___DC C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-07-31 18:48 - 2018-01-26 00:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-07-31 18:48 - 2018-01-26 00:58 - 000000000 ____D C:\Program Files\WinRAR
2019-07-31 18:41 - 2018-11-24 21:14 - 000000000 ____D C:\ProgramData\KMSAutoS
2019-07-31 18:38 - 2018-01-27 13:24 - 001030784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-07-30 22:13 - 2018-08-25 17:45 - 000000000 ___DC C:\Users\Roman\AppData\Local\CrashDumps
2019-07-30 21:04 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2019-07-30 21:04 - 2017-09-29 15:46 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-07-30 20:28 - 2019-01-11 12:21 - 000001107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-07-30 20:28 - 2018-02-11 11:56 - 000000000 ____D C:\Program Files\Opera
2019-07-29 19:26 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-07-29 19:24 - 2018-06-18 14:43 - 000000000 ____D C:\Program Files\Microsoft Office
2019-07-25 20:57 - 2018-01-27 13:24 - 000387896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-07-25 07:34 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-07-25 07:33 - 2019-02-13 10:27 - 000279336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-07-25 07:33 - 2019-01-19 18:39 - 000263224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-07-25 07:33 - 2019-01-17 10:09 - 000206056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-07-25 07:33 - 2019-01-17 10:09 - 000061688 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-07-25 07:33 - 2019-01-17 10:09 - 000037320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-07-25 07:33 - 2018-11-04 09:19 - 000042504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-07-25 07:33 - 2018-01-27 13:24 - 000477288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-07-25 07:33 - 2018-01-27 13:24 - 000209256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-07-25 07:33 - 2018-01-27 13:24 - 000112520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-07-25 07:33 - 2018-01-27 13:24 - 000088160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-07-23 08:26 - 2018-02-01 20:17 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-12 18:15 - 2019-06-16 12:14 - 000035022 ____C C:\Users\Roman\Desktop\Pizza_pec_stůl.dwg
2019-07-10 09:35 - 2018-05-15 21:47 - 001874340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-10 09:35 - 2018-04-12 17:51 - 000781056 _____ C:\WINDOWS\system32\perfh005.dat
2019-07-10 09:35 - 2018-04-12 17:51 - 000169360 _____ C:\WINDOWS\system32\perfc005.dat
2019-07-10 09:30 - 2018-01-26 01:29 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-07-10 09:29 - 2018-05-15 21:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-10 09:29 - 2018-05-15 21:33 - 000498888 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-07-10 09:29 - 2018-01-26 00:05 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-10 09:29 - 2018-01-26 00:05 - 000000000 ___RD C:\Users\Roman\3D Objects
2019-07-10 09:26 - 2018-04-12 17:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-07-10 09:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-07-10 09:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-07-10 09:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-07-10 09:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-07-10 09:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-07-10 09:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-07-10 09:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-07-10 09:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-07-10 09:26 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-07-10 09:26 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-07-10 08:22 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-10 08:16 - 2018-01-26 15:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-10 08:11 - 2018-01-26 15:24 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-10 07:59 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-07-10 07:59 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
==================== Files in the root of some directories ================
2018-03-18 21:37 - 2018-05-15 19:59 - 000002394 _____ () C:\Users\Roman\IP_Log_Data.js
2018-03-18 22:00 - 2018-05-15 21:00 - 000003599 _____ () C:\Users\Roman\Network_Meter_Data.js
2018-05-09 21:43 - 2018-05-09 21:46 - 000000624 ____C () C:\Users\Roman\AppData\Roaming\All CPU MeterV3_Settings.ini
2018-03-18 22:30 - 2018-05-15 21:03 - 000000026 ____C () C:\Users\Roman\AppData\Roaming\Network Meter_Usage.ini
2019-07-25 07:56 - 2019-07-25 08:49 - 000012518 ____C () C:\Users\Roman\AppData\Roaming\SerialClonerPrefs
2019-03-27 18:05 - 2019-03-27 18:05 - 000000001 ____C () C:\Users\Roman\AppData\Local\llftool.4.40.agreement
2018-11-04 09:23 - 2018-11-04 09:23 - 000000000 ____C () C:\Users\Roman\AppData\Local\oobelibMkey.log
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-07-2019
Ran by Roman (02-08-2019 20:45:08)
Running from C:\Users\Roman\Desktop
Windows 10 Pro Version 1803 17134.885 (X64) (2018-05-15 19:45:45)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2651452621-253113433-2049451952-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2651452621-253113433-2049451952-503 - Limited - Disabled)
Guest (S-1-5-21-2651452621-253113433-2049451952-501 - Limited - Enabled)
postgres (S-1-5-21-2651452621-253113433-2049451952-1006 - Limited - Enabled) => C:\Users\postgres
Roman (S-1-5-21-2651452621-253113433-2049451952-1001 - Administrator - Enabled) => C:\Users\Roman
WDAGUtilityAccount (S-1-5-21-2651452621-253113433-2049451952-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2651452621-253113433-2049451952-1001\...\uTorrent) (Version: 3.5.5.45311 - BitTorrent Inc.)
8GadgetPack (HKLM-x32\...\{E6BA0C10-856E-452A-954C-85F41072385F}) (Version: 25.0.0 - 8GadgetPack.net)
A360 Desktop (HKLM\...\{B65CD59E-A771-4354-AA4B-C3E01B496BCD}) (Version: 8.2.3.1800 - Autodesk)
ACA & MEP 2018 Object Enabler (HKLM\...\{28B89EEF-1004-0000-5102-CF3F3A09B77D}) (Version: 8.0.40.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-1001-0000-3102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Premiere Elements 15 (HKLM-x32\...\{FD45A9C9-02BE-4E62-8629-78DF29A10FF5}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - )
AIDA64 Extreme v5.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.00 - FinalWire Ltd.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Arduino (HKLM-x32\...\Arduino) (Version: 1.8.5 - Arduino LLC)
AutoCAD 2018 - English (HKLM\...\{28B89EEF-1001-0409-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 (HKLM\...\{28B89EEF-1001-0000-0102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 Language Pack - English (HKLM\...\{28B89EEF-1001-0409-1102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
Autodesk AutoCAD 2018 - English (HKLM\...\AutoCAD 2018 - English) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk)
Autodesk License Service (x64) - 5.1.4 (HKLM\...\{3609A8D9-FC0C-4C9B-9F58-0B1D1A4FE556}) (Version: 5.1.4.0 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Autodesk ReCap (HKLM\...\{6ED27C84-0000-1033-0102-D4DAEFFC23C2}) (Version: 4.0.0.28 - Autodesk) Hidden
Autodesk ReCap (HKLM\...\Autodesk ReCap 360) (Version: 4.0.0.28 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.6.2383 - AVAST Software)
Brother MFL-Pro Suite DCP-9020CDW (HKLM-x32\...\{E98A9C92-E767-475B-8BC6-8780A86DDC72}) (Version: 1.0.5.0 - Brother Industries, Ltd.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7042 - CDBurnerXP)
CPUID HWMonitor 1.34 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.34 - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.7.0.0337 - Disc Soft Ltd)
Data Lifeguard Diagnostic for Windows 1.31 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
DaVinci Resolve (HKLM\...\{1A5510D0-742F-4CDC-AB09-57C19F19C04D}) (Version: 16.0.0050 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{B1782967-E600-4BBD-B2F1-AEF3F2FE0A12}) (Version: 1.2.1.0 - Blackmagic Design)
DiskInternals Linux Reader (HKLM-x32\...\DiskInternals Linux Reader) (Version: 3.4.0.27 - DiskInternals Research)
Dukto R6 (HKLM-x32\...\{386C0311-B146-4CE0-89E5-8469A3583156}}_is1) (Version: R6 - Emanuele Colombo)
ElsaWin (HKLM-x32\...\ElsaWin) (Version: 6.00 - )
FARO LS 1.1.600.6 (64bit) (HKLM-x32\...\{510A08AF-1649-4844-94E5-EAC43A023685}) (Version: 6.0.6.5 - FARO Scanner Production)
FOTOLAB CEWE fotosvet (HKLM-x32\...\FOTOLAB CEWE fotosvet) (Version: 6.3.7 - CEWE Stiftung u Co. KGaA)
Free FLAC to MP3 Converter 1.4 (HKLM-x32\...\{A54C01BD-1277-4722-B42B-EC9800A90B1E}_is1) (Version: 1.4 - PolySoft Solutions)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HD Tune Pro 5.70 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HDD Regenerator (HKLM-x32\...\{CC5DA723-D428-40D1-B82B-21EB64B1273C}) (Version: 20.11.0011 - Abstradrome)
Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
JDiskReport 1.4.1 (HKLM-x32\...\JDiskReport 1.4.1) (Version: 1.4.1 (2014-02-26 11:50:44) - JGoodies Karsten Lentzsch)
KMSpico v9.2.3 (HKLM\...\KMSpico_is1) (Version: 9.2.3 - )
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.80 - McAfee, LLC.)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2651452621-253113433-2049451952-1001\...\OneDriveSetup.exe) (Version: 19.126.0627.0002 - Microsoft Corporation)
Microsoft Project Professional 2016 - cs-cz (HKLM\...\ProjectProRetail - cs-cz) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{79A2C6E8-C727-4D12-B4B3-19790C181DEA}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Policies (HKLM-x32\...\{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{C3525BF7-3698-4CD3-A8C3-69BD6F57BA3B}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (HKLM-x32\...\{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visio Professional 2016 - cs-cz (HKLM\...\VisioProRetail - cs-cz) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)
MiniTool Partition Wizard Free 11 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Software Limited)
Movavi Video Suite 15 (HKLM-x32\...\Movavi Video Suite 15) (Version: 15.4.0 - Movavi)
Nero BurningROM 2019 (HKLM-x32\...\{798AC6BA-CF99-4585-BD3A-89A51CB10530}) (Version: 20.0.00900 - Nero AG)
Nero Core (HKLM-x32\...\{85EFC653-C416-4759-BFD0-0A0095B3FFAC}) (Version: 1.2.00200 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 20.0.1011 - Nero AG)
Nero TuneItUp (HKLM-x32\...\Nero_tuneitup_is1) (Version: 2.8.0.84 - Nero AG)
NETIS Wireless LAN Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0290 - Netis Systems Co., Ltd.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Opera Stable 62.0.3331.99 (HKLM-x32\...\Opera 62.0.3331.99) (Version: 62.0.3331.99 - Opera Software)
Paragon Partition Manager™ 14 Free (HKLM\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) Hidden
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.7.232 - Autodesk)
PostgreSQL 9.2 (HKLM\...\PostgreSQL 9.2) (Version: 9.2 - PostgreSQL Global Development Group)
Prerequisite installer (HKLM-x32\...\{37E15A76-F310-4C62-9D32-EE96C83BBD2C}) (Version: 20.2.0001 - Nero AG) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RAD Video Tools (HKLM-x32\...\RADVideo) (Version: - )
Serial Cloner version 2.6.1 (HKLM-x32\...\{6EA0A7CE-3989-4A96-9363-E7F2697F52A3}_is1) (Version: 2.6.1 - SerialBasics)
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
Siko Kitchen Planner Web (HKU\S-1-5-21-2651452621-253113433-2049451952-1001\...\SquareClock_Production_Home_5-2_290df3ae) (Version: - 3DVIA SAS)
Simple Time Lapse (HKLM-x32\...\{D07A4321-C78A-4442-8DC2-F63F1A2D08E3}) (Version: 1.0.1 - Limosoft)
SketchUp 2018 (HKLM\...\{C702DD60-EBF4-4961-8B7D-F209B361F985}) (Version: 18.0.16975 - Trimble, Inc.)
Speciální aplikace Autodesk 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk)
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FA7394B8-CE65-4F9E-AC99-F372AD365424}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FBD367D1-642F-47CF-B79B-9BE48FB34007}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{A2122A9C-A699-4365-ADF8-68FEAC125D61}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{C942A025-A840-4BF2-8987-849C0DD44574}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Management Studio (HKLM\...\{51E5BC99-A087-4CFF-8D93-462903EA7E12}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Management Studio (HKLM\...\{72AB7E6F-BC24-481E-8C45-1AB5B3DD795D}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM\...\{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Twonky Server (HKLM-x32\...\TwonkyServer) (Version: 7.3.0.0 - PacketVideo)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.5) (Version: 1.3.5 - Xvid Team)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)
Служба автоматического обновления программ (HKU\S-1-5-21-2651452621-253113433-2049451952-1001\...\MailRuUpdater) (Version: - Mail.Ru) <==== ATTENTION
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-06-18] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.143.600.0_x86__kgqvnymyfvs32 [2019-07-12] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.1.1.1_x86__h6adky7gbf63m [2019-07-12] (Gameloft.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.2.0.9_x86__h6adky7gbf63m [2019-07-30] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-03] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-18] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-23] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-23] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0 [2019-08-02] (Spotify AB)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2651452621-253113433-2049451952-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:/Users/Roman/AppData/Local/Microsoft/Windows Sidebar/Gadgets/All_CPU_Meter_V4.7.3.gadget/CoreTempReader.dll (AddGadgets IT -> )
CustomCLSID: HKU\S-1-5-21-2651452621-253113433-2049451952-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Roman\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-2651452621-253113433-2049451952-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Roman\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-2651452621-253113433-2049451952-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2651452621-253113433-2049451952-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2651452621-253113433-2049451952-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\en-US\acadficn.dll (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-18] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-18] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-01-12] (Disc Soft Ltd -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-18] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-01-12] (Disc Soft Ltd -> Disc Soft Ltd)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-18] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDiskReport 1.4.1\JGoodies Home Page.lnk -> hxxp://www.jgoodies.com
==================== Loaded Modules (Whitelisted) ==============
2018-03-14 10:07 - 2009-02-27 17:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2019-07-31 22:40 - 2013-04-02 05:41 - 000176128 _____ () [File not signed] C:\Program Files\PostgreSQL\9.2\bin\LIBPQ.dll
2019-07-31 22:42 - 2012-08-14 15:31 - 001328128 _____ () [File not signed] C:\Program Files\PostgreSQL\9.2\bin\libxml2.dll
2019-01-20 22:59 - 2014-09-09 14:30 - 000603648 _____ () [File not signed] C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll
2019-07-29 19:41 - 2019-07-29 19:41 - 004404736 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DiscSoft.NET.Common\fa845711ee1e8390906256917b9694f5\DiscSoft.NET.Common.ni.dll
2018-03-14 10:07 - 2005-04-22 06:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2018-03-14 10:07 - 2013-06-12 20:06 - 000385024 ____R (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2018-03-14 10:07 - 2010-09-29 18:07 - 000180224 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BroSNMP.dll
2018-03-14 10:07 - 2011-02-28 12:32 - 000208896 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll
2018-03-14 10:07 - 2014-05-22 14:50 - 004513792 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
2018-03-14 10:07 - 2013-10-10 22:55 - 002040320 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2018-03-14 10:07 - 2013-09-25 16:35 - 000282112 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
2018-03-14 10:07 - 2013-12-05 14:04 - 000137728 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2018-03-14 10:07 - 2014-02-17 20:24 - 000084480 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2018-03-14 10:07 - 2014-02-17 20:24 - 017905152 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2018-03-14 10:07 - 2013-11-15 11:17 - 000082944 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLCze.dll
2018-03-14 10:07 - 2013-12-05 14:17 - 001536512 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
2018-03-14 10:07 - 2013-12-05 14:19 - 000567296 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
2018-03-14 10:07 - 2012-07-14 10:53 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2019-07-31 22:42 - 2012-05-08 23:00 - 000981504 _____ (Free Software Foundation) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\iconv.dll
2019-07-31 22:40 - 2011-01-10 17:16 - 000240862 _____ (Free Software Foundation) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\libintl-8.dll
2019-03-27 15:30 - 2014-05-12 16:18 - 000166776 _____ (PacketVideo Corporation -> ) [File not signed] C:\Program Files (x86)\Twonky\TwonkyServer\platform-player.dll
2014-05-12 16:19 - 2014-05-12 16:19 - 002665336 _____ (PacketVideo Corporation -> ) [File not signed] C:\Program Files (x86)\Twonky\TwonkyServer\TwonkyServer.exe
2014-05-12 16:18 - 2014-05-12 16:18 - 000629624 _____ (PacketVideo Corporation -> PacketVideo) [File not signed] C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
2014-05-12 16:18 - 2014-05-12 16:18 - 002759544 _____ (PacketVideo Corporation -> PacketVideo) [File not signed] C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe
2019-07-31 22:40 - 2013-04-02 05:41 - 000089600 _____ (PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\pg_ctl.exe
2019-07-31 22:42 - 2013-04-02 05:41 - 005518336 _____ (PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
2019-07-31 22:42 - 2012-10-12 12:58 - 001577472 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\LIBEAY32.dll
2019-07-31 22:42 - 2012-10-12 12:58 - 000338944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\9.2\bin\SSLEAY32.dll
2017-03-14 15:14 - 2017-03-14 15:14 - 000262656 _____ (Volkswagen AG) [File not signed] D:\ElsaWin\bin\LcSvrAdm.exe
2017-03-14 15:12 - 2017-03-14 15:12 - 001352704 _____ (Volkswagen AG) [File not signed] D:\ElsaWin\bin\LcSvrAuf.exe
2017-03-14 15:10 - 2017-03-14 15:10 - 000435712 _____ (Volkswagen AG) [File not signed] D:\ElsaWin\bin\LcSvrDba.exe
2017-03-14 15:11 - 2017-03-14 15:11 - 000387072 _____ (Volkswagen AG) [File not signed] D:\ElsaWin\bin\LcSvrHis.exe
2017-03-14 15:11 - 2017-03-14 15:11 - 000519680 _____ (Volkswagen AG) [File not signed] D:\ElsaWin\bin\LcSvrPas.exe
2017-03-14 15:11 - 2017-03-14 15:11 - 000438784 _____ (Volkswagen AG) [File not signed] D:\ElsaWin\bin\LcSvrSaz.exe
2017-03-14 15:10 - 2017-03-14 15:10 - 000353792 _____ (Volkswagen AG) [File not signed] D:\ElsaWin\bin\vfc10u.dll
2018-11-24 21:14 - 2016-11-05 12:15 - 000035504 ____N (WZTeam -> MSFree Inc.) [File not signed] C:\ProgramData\KMSAutoS\bin\KMSSS.exe
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:B755D674 [134]
AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo [122]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-2651452621-253113433-2049451952-1001\Software\Classes\.scr: AutoCADScriptFile =>
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2651452621-253113433-2049451952-1001\...\localhost -> localhost
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 15:46 - 2019-01-07 22:15 - 000000758 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files (x86)\QuickTime\QTSystem\
HKU\S-1-5-21-2651452621-253113433-2049451952-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Roman\Pictures\Pozadí_sudy.jpg
HKU\S-1-5-21-2651452621-253113433-2049451952-1006\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{E9DB556B-B3E1-405A-8D7F-BB1A4A870F78}] => (Allow) LPort=54925
FirewallRules: [UDP Query User{D5CBC817-5C4B-42D3-9932-554AD66846D5}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{6B333387-5A7E-4BEB-8E19-180D5C37E225}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{8807B58A-4757-4684-A7D4-BEDD93A59BAD}C:\program files\archicad 20\overwatchserver.exe] => (Allow) C:\program files\archicad 20\overwatchserver.exe (GRAPHISOFT SE) [File not signed]
FirewallRules: [TCP Query User{46AE5067-E908-4463-B237-D19A879B2CB6}C:\program files\archicad 20\overwatchserver.exe] => (Allow) C:\program files\archicad 20\overwatchserver.exe (GRAPHISOFT SE) [File not signed]
FirewallRules: [UDP Query User{EF98864E-03CB-419E-9D6D-AB72D1AD9C8F}C:\program files\archicad 20\archicad.exe] => (Allow) C:\program files\archicad 20\archicad.exe (GRAPHISOFT SE) [File not signed]
FirewallRules: [TCP Query User{1CDF9CD3-50A6-430E-BAFA-870C874DCCBC}C:\program files\archicad 20\archicad.exe] => (Allow) C:\program files\archicad 20\archicad.exe (GRAPHISOFT SE) [File not signed]
FirewallRules: [{013AF469-F68B-4810-AEEE-9DF75EC5801B}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [TCP Query User{AF7446DC-AB2C-49D6-8EBA-DB65FFE5F882}C:\program files (x86)\philips\media manager\philips media manager.exe] => (Allow) C:\program files (x86)\philips\media manager\philips media manager.exe No File
FirewallRules: [UDP Query User{AF2D8E66-AA98-40C0-A162-704293472153}C:\program files (x86)\philips\media manager\philips media manager.exe] => (Allow) C:\program files (x86)\philips\media manager\philips media manager.exe No File
FirewallRules: [TCP Query User{E7A15910-8C3F-488C-872B-2D7217870F55}C:\program files (x86)\twonky\twonkyserver\twonkyserver.exe] => (Allow) C:\program files (x86)\twonky\twonkyserver\twonkyserver.exe (PacketVideo Corporation -> ) [File not signed]
FirewallRules: [UDP Query User{A9A18CED-5B03-4B04-8707-45D6D2FF917C}C:\program files (x86)\twonky\twonkyserver\twonkyserver.exe] => (Allow) C:\program files (x86)\twonky\twonkyserver\twonkyserver.exe (PacketVideo Corporation -> ) [File not signed]
FirewallRules: [TCP Query User{4F61BE47-61C3-4B9B-99A1-B76C5666975A}C:\program files (x86)\philips\media manager\philips media manager.exe] => (Allow) C:\program files (x86)\philips\media manager\philips media manager.exe No File
FirewallRules: [UDP Query User{A2647A1E-6A65-46A3-892D-41C5F9B26D9D}C:\program files (x86)\philips\media manager\philips media manager.exe] => (Allow) C:\program files (x86)\philips\media manager\philips media manager.exe No File
FirewallRules: [{BA08AA27-13C8-4434-A95D-4766F2454B3E}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe (PacketVideo Corporation -> PacketVideo) [File not signed]
FirewallRules: [{DE449B46-B261-48EC-8096-738191C53F0A}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe (PacketVideo Corporation -> PacketVideo) [File not signed]
FirewallRules: [{82549BC0-06DB-4B27-9F09-D234836FF7BE}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe (PacketVideo Corporation -> ) [File not signed]
FirewallRules: [{82040DAB-D78F-425C-AFC1-9299724370F9}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe (PacketVideo Corporation -> ) [File not signed]
FirewallRules: [TCP Query User{87C709A4-53A7-4F40-AE9B-04595D6DBC16}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe (msec.it) [File not signed]
FirewallRules: [UDP Query User{CB58C452-DCC5-437F-9AE3-C8AA5DDB26C7}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe (msec.it) [File not signed]
FirewallRules: [TCP Query User{66A62E16-C6A0-4147-874B-33F0BD39BFE2}C:\users\roman\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\roman\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{5A0AC7FA-24CC-4AB2-AC71-27C246A5D9E3}C:\users\roman\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\roman\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4E1F63C5-D7C7-422C-96A1-34D736360248}] => (Allow) LPort=135
FirewallRules: [{334D8D3D-B5DB-4F8E-9D6D-AB8B562A1B70}] => (Allow) D:\ElsaWin\bin\ElsaWin.exe (Volkswagen AG) [File not signed]
FirewallRules: [{A0685C59-6DD4-478C-B8DD-D5ADCA4F7779}] => (Allow) D:\ElsaWin\bin\ElsaWin.exe (Volkswagen AG) [File not signed]
FirewallRules: [{14697BF9-3D35-4D4B-A153-9934D4259B85}] => (Allow) LPort=1688
FirewallRules: [{E7D93F73-F1A2-4AD5-A35C-FC80BEA4B9BE}] => (Allow) C:\Program Files\Opera\62.0.3331.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{CC8DA52E-B009-43D1-8C6E-ABD001AD8D3C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{96B45F6F-65C2-44AA-915B-7B144A20ECF4}] => (Allow) C:\Program Files\Opera\62.0.3331.99\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{966175E9-8F23-4FE5-B09C-6F8AAAEAC8E1}] => (Allow) C:\Program Files (x86)\Nero\Nero 2019\Nero Burning ROM\StartNBR.exe (Nero AG -> Nero AG)
FirewallRules: [{07A1B455-B933-49ED-BEB5-0FB17B74648C}] => (Allow) C:\Program Files (x86)\Nero\Nero 2019\Nero Burning ROM\nero.exe (Nero AG -> Nero AG)
FirewallRules: [{7EE5FE9F-586D-4A16-BE5B-1A6F7D80867C}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe (Nero AG -> Nero AG)
FirewallRules: [{29EF6148-D169-4FC1-B582-941DFA0FACA9}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe (Nero AG -> Nero AG)
FirewallRules: [{688C7FF8-ABAA-486B-9BB4-FD1D662B833F}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe (Nero AG -> Nero AG)
FirewallRules: [{8BAE0EDA-7AED-4AEC-9BFB-CD1319B57402}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe (Nero AG -> Nero AG)
FirewallRules: [TCP Query User{CB2D43F1-42D6-4C3A-B8C0-992BA5531972}C:\users\roman\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\roman\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{C8A907AD-2F07-433B-A910-6081C572E181}C:\users\roman\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\roman\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{8E9D491D-BF68-4368-ADD8-8A49EDC6F529}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C4960669-7A71-4B69-B457-263D0B50B985}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{6DB76AAA-455F-4590-90F9-819122E90ED2}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe () [File not signed]
FirewallRules: [{82FC34B1-5F49-4C6B-9C4B-AAF2B0208272}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe () [File not signed]
FirewallRules: [{55213158-CF1A-49FF-93DB-121B38BE6D48}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe () [File not signed]
FirewallRules: [{8E0C0F18-70EF-426A-86C0-4B64280399BB}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe () [File not signed]
FirewallRules: [{997E3B83-A47B-45CF-BA90-23AA4082DC9E}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe () [File not signed]
FirewallRules: [{4C7A863F-A915-46F1-8297-1901B01BB32D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe No File
FirewallRules: [{C2DF6156-3F01-4166-809C-715630422A70}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe No File
FirewallRules: [{F560C31E-876E-49B1-BCD7-BBE475BFE3BD}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{A7668B4B-5B99-4971-B316-E78DCAD13A38}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe No File
FirewallRules: [TCP Query User{F665B926-8D76-4AA4-AB8B-76494A1D726B}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{4940C6B8-2333-4D23-A45E-F8A9A742346C}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{327B901E-13F9-432E-9ED5-F7EBF7DF9717}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{D97B37F5-E029-47F5-A05A-451C910EA81C}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{0742B366-DEBD-44AB-A9C6-4AC233B5A50A}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{3532B99B-941C-4A90-9511-E802EAEEE8BE}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{9432D66E-347F-47AA-8488-D8F01CB172D8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{321854C9-BFDA-4C42-92B7-0E9FE2DEF21A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{256484BF-CD3A-4FE0-AEFF-FB090816854B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1C4DE09A-94B3-4404-BB95-04AC0314DB91}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3CC7DF89-1655-444B-A5F9-15CA493507C3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FACBEA27-3AE6-4D59-A1EE-FF034E9E518C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{398553B9-CFE3-44D4-8E1F-DB77963798C3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8FAEE703-8EC1-44A7-8E92-38CCC4054BE4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:118.29 GB) (Free:26.22 GB) (22%)
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Multimediální adaptér
Description: Multimediální adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Multimediální video adaptér
Description: Multimediální video adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Multimediální adaptér
Description: Multimediální adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Multimediální adaptér
Description: Multimediální adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/31/2019 11:08:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Resolve.exe, verze: 16.0.0.50, časové razítko: 0x5d38071e
Název chybujícího modulu: pthreadVC2.dll, verze: 2.9.1.0, časové razítko: 0x58255014
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000045df
ID chybujícího procesu: 0x31a4
Čas spuštění chybující aplikace: 0x01d547e3d1dc69f9
Cesta k chybující aplikaci: C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe
Cesta k chybujícímu modulu: C:\Program Files\Blackmagic Design\DaVinci Resolve\pthreadVC2.dll
ID zprávy: 9ef05bbd-fdb2-49b0-8df9-6d4f865cf32c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/30/2019 10:13:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: VcbiIfyEmIbNlHD.exe, verze: 1.0.1098.31, časové razítko: 0x5d40933a
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000e
ID chybujícího procesu: 0x37a8
Čas spuštění chybující aplikace: 0x01d547097de2d999
Cesta k chybující aplikaci: C:\Users\Roman\AppData\Local\Temp\is-BA0FV.tmp\VcbiIfyEmIbNlHD.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 27d46cb2-332f-43ce-bc7e-2026d0d6c833
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/30/2019 10:13:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: VcbiIfyEmIbNlHD.exe, verze: 1.0.1098.31, časové razítko: 0x5d40933a
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000e
ID chybujícího procesu: 0x37a8
Čas spuštění chybující aplikace: 0x01d547097de2d999
Cesta k chybující aplikaci: C:\Users\Roman\AppData\Local\Temp\is-BA0FV.tmp\VcbiIfyEmIbNlHD.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: b8de3103-9bf7-4288-91ef-559c79ffb30f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/30/2019 09:43:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: VcbiIfyEmIbNlHD.exe, verze: 1.0.1098.31, časové razítko: 0x5d40933a
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000e
ID chybujícího procesu: 0x37a8
Čas spuštění chybující aplikace: 0x01d547097de2d999
Cesta k chybující aplikaci: C:\Users\Roman\AppData\Local\Temp\is-BA0FV.tmp\VcbiIfyEmIbNlHD.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: a0ecd87c-91a6-4468-87d1-605955f7d5a8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/30/2019 09:43:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: VcbiIfyEmIbNlHD.exe, verze: 1.0.1098.31, časové razítko: 0x5d40933a
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000e
ID chybujícího procesu: 0x37a8
Čas spuštění chybující aplikace: 0x01d547097de2d999
Cesta k chybující aplikaci: C:\Users\Roman\AppData\Local\Temp\is-BA0FV.tmp\VcbiIfyEmIbNlHD.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 3d4d1bee-a78d-444d-bb8f-f5eb0c6bb933
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/30/2019 09:23:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: VcbiIfyEmIbNlHD.exe, verze: 1.0.1098.31, časové razítko: 0x5d40933a
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000e
ID chybujícího procesu: 0x37a8
Čas spuštění chybující aplikace: 0x01d547097de2d999
Cesta k chybující aplikaci: C:\Users\Roman\AppData\Local\Temp\is-BA0FV.tmp\VcbiIfyEmIbNlHD.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: ee31202e-deac-4e72-8480-4b398888b58a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/30/2019 09:23:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: VcbiIfyEmIbNlHD.exe, verze: 1.0.1098.31, časové razítko: 0x5d40933a
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000e
ID chybujícího procesu: 0x37a8
Čas spuštění chybující aplikace: 0x01d547097de2d999
Cesta k chybující aplikaci: C:\Users\Roman\AppData\Local\Temp\is-BA0FV.tmp\VcbiIfyEmIbNlHD.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 75e3b80b-6d3f-4c5d-afde-986dac8938ef
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/30/2019 09:23:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: VcbiIfyEmIbNlHD.exe, verze: 1.0.1098.31, časové razítko: 0x5d40933a
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000e
ID chybujícího procesu: 0x37a8
Čas spuštění chybující aplikace: 0x01d547097de2d999
Cesta k chybující aplikaci: C:\Users\Roman\AppData\Local\Temp\is-BA0FV.tmp\VcbiIfyEmIbNlHD.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 7f6f0d21-6f0f-421d-97f1-4ad0625e5bef
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (08/02/2019 08:39:24 PM) (Source: DCOM) (EventID: 10016) (User: ROMANPCSTOLNI)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli ROMANPCSTOLNI\Roman (SID: S-1-5-21-2651452621-253113433-2049451952-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (08/02/2019 08:31:53 PM) (Source: DCOM) (EventID: 10016) (User: ROMANPCSTOLNI)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli ROMANPCSTOLNI\Roman (SID: S-1-5-21-2651452621-253113433-2049451952-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (07/31/2019 11:14:32 PM) (Source: DCOM) (EventID: 10001) (User: ROMANPCSTOLNI)
Description: Nelze spustit server DCOM: Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
298
při provádění příkazu:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
Error: (07/31/2019 11:14:32 PM) (Source: DCOM) (EventID: 10010) (User: ROMANPCSTOLNI)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy!App.AppX447jn8wbjb1qsw3jxkndb19cwgsrtrkk.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/31/2019 11:13:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_845b669 byla neočekávaně ukončena. Tento stav nastal již 10krát.
Error: (07/31/2019 11:13:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_845b669 byla neočekávaně ukončena. Tento stav nastal již 9krát.
Error: (07/31/2019 11:12:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_845b669 byla neočekávaně ukončena. Tento stav nastal již 8krát.
Error: (07/31/2019 11:12:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_845b669 byla neočekávaně ukončena. Tento stav nastal již 7krát.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1702 05/21/2010
Motherboard: ASUSTeK Computer INC. P7P55D
Processor: Intel(R) Core(TM) i3 CPU 530 @ 2.93GHz
Percentage of memory in use: 78%
Total physical RAM: 4094.05 MB
Available physical RAM: 863.17 MB
Total Virtual: 7166.05 MB
Available Virtual: 2168.85 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:118.29 GB) (Free:26.23 GB) NTFS
Drive d: (600GB) (Fixed) (Total:596.16 GB) (Free:291.2 GB) NTFS
Drive i: (WD 2TB) (Fixed) (Total:1863.01 GB) (Free:623.4 GB) NTFS
Drive j: (ESD-ISO) (CDROM) (Total:5.37 GB) (Free:0 GB) UDF
Drive n: () (Removable) (Total:29.27 GB) (Free:20.61 GB) FAT32
\\?\Volume{3529ca86-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{3529ca86-0000-0000-0000-00b21d000000}\ () (Fixed) (Total:0.46 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 6 (Protective MBR) (Size: 29.3 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
