Preventivní kontrola PC a čištění před tvorbou zálohy. Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: memphisto, Mods_senior, Security team

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 40010
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Preventivní kontrola PC a čištění před tvorbou zálohy.

Příspěvekod jaro3 » 13 úno 2019 21:27

Ten script jsem upravil , můžeš ho provést. Nic navíc by se nemělo smazat , jen se vyprázdní tempy.


Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Reklama
neca
Level 2
Level 2
Příspěvky: 164
Registrován: leden 12
Pohlaví: Muž

Re: Preventivní kontrola PC a čištění před tvorbou zálohy.

Příspěvekod neca » 13 úno 2019 22:10

jaro3 píše:Ten script jsem upravil , můžeš ho provést. Nic navíc by se nemělo smazat , jen se vyprázdní tempy.


OK

Fix result of Farbar Recovery Scan Tool (x64) Version: 13.02.2019
Ran by Roman (13-02-2019 22:07:44) Run:3
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman (Available Profiles: Roman)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
ShortcutTarget: Acuity Update Tool.lnk -> C:\Users\Roman\AppData\Roaming\MetaQuotes\Terminal\76AE827A66F7801B9D79B1FD1D2103FD\MQL4\Experts\AcuityUpdateTool\AcuityUpdateTool.exe ()
GroupPolicy: Restriction ? <==== ATTENTION
CHR HKU\S-1-5-21-917377831-1171802105-78364817-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
C:\Users\Roman\AppData\Local\Temp\virustotal.exe
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File

EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
C:\Users\Roman\AppData\Roaming\MetaQuotes\Terminal\76AE827A66F7801B9D79B1FD1D2103FD\MQL4\Experts\AcuityUpdateTool\AcuityUpdateTool.exe => moved successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
HKU\S-1-5-21-917377831-1171802105-78364817-1001\SOFTWARE\Google\Chrome\Extensions\bbjllphbppobebmjpjcijfbakobcheof => could not remove. Access Denied.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => not found
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully
C:\Users\Roman\AppData\Local\Temp\virustotal.exe => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 98080998 B
Java, Flash, Steam htmlcache => 11492595 B
Windows/system/drivers => 3164788 B
Edge => 79145 B
Chrome => 466078833 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 8120 B
LocalService => 0 B
NetworkService => 5888 B
NetworkService => 0 B
Roman => 30299991 B

RecycleBin => 53166 B
EmptyTemp: => 588.6 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 13-02-2019 22:09:05)


Result of scheduled keys to remove after reboot:

HKU\S-1-5-21-917377831-1171802105-78364817-1001\SOFTWARE\Google\Chrome\Extensions\bbjllphbppobebmjpjcijfbakobcheof => could not remove. Access Denied.

==== End of Fixlog 22:09:05 ====

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 40010
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Preventivní kontrola PC a čištění před tvorbou zálohy.

Příspěvekod jaro3 » 13 úno 2019 22:46

jsou nějaké problémy?
jdou zapnout ty ochrany? doporučuji doinstalovat lepší antivir

Pokud nejsou:
Stáhni si zde DelFix
https://toolslib.net/downloads/viewdownload/2-delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt
Další odkazy:
http://ccm.net/download/download-24087-delfix
https://www.bleepingcomputer.com/download/delfix/

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

neca
Level 2
Level 2
Příspěvky: 164
Registrován: leden 12
Pohlaví: Muž

Re: Preventivní kontrola PC a čištění před tvorbou zálohy.

Příspěvekod neca » 14 úno 2019 08:03

# DelFix v1.013 - Logfile created 14/02/2019 at 08:01:19
# Updated 17/04/2016 by Xplode
# Username : Roman - DESKTOP-O6D3TT1
# Operating System : Windows 10 Enterprise (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\Users\Roman\Desktop\FRST-OlderVersion
Deleted : C:\zoek-results.log
Deleted : C:\zoek-results2019-02-07-210107.log
Deleted : C:\Users\Roman\Desktop\Addition.txt
Deleted : C:\Users\Roman\Desktop\AdwCleaner.exe
Deleted : C:\Users\Roman\Desktop\AdwCleaner[S02].txt
Deleted : C:\Users\Roman\Desktop\Fixlog.txt
Deleted : C:\Users\Roman\Desktop\FRST.txt
Deleted : C:\Users\Roman\Desktop\FRST64.exe
Deleted : C:\Users\Roman\Desktop\JRT.exe
Deleted : C:\Users\Roman\Desktop\JRT.txt
Deleted : C:\Users\Roman\Desktop\HijackThis.exe
Deleted : C:\Users\Roman\Desktop\RogueKiller..txt
Deleted : C:\Users\Roman\Desktop\RogueKiller_portable64.exe
Deleted : C:\Users\Roman\Desktop\scan.txt
Deleted : C:\Users\Roman\Desktop\TFC.exe
Deleted : C:\Users\Roman\Desktop\zoek-results.txt
Deleted : C:\Users\Roman\Downloads\rkill_2.9.1.064.exe
Deleted : C:\Users\Roman\Downloads\tdsskiller.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

########## - EOF - ##########


Ještě zkusím otestovat celý PC na funkčnost kvůly té záloze atd. a dnes večer dám vědět kolem 19.00, abychom uzavřeli toto vlákno. zatím ahoj

neca
Level 2
Level 2
Příspěvky: 164
Registrován: leden 12
Pohlaví: Muž

Re: Preventivní kontrola PC a čištění před tvorbou zálohy.

Příspěvekod neca » 14 úno 2019 13:55

Tak prosím ještě o kontrolu, nějak je to celé v riti. PC nabíhá pomalu pak se kouše při každé činnosti mrzne. Jediné co jsem udělal, bylo to že jsem přesunul soubory z D na E . D jsem zformátoval a sloučil s C kvůly velikosti atd. teď mám v PC jen C,D.
Některé programy neukazují ikony o to tak nejde, ale PC mrzne. Já se z toho už pos..u.Tak jsem některé programy přeinstaloval
a u některých mi vyskočí tato hláška viz foto.
Ashampoo_Snap_čtvrtek 14. února 2019_09h03m53s_001_.jpg
Co teď?
Nemáte oprávnění prohlížet přiložené soubory.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 40010
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Preventivní kontrola PC a čištění před tvorbou zálohy.

Příspěvekod jaro3 » 14 úno 2019 18:01

sloučením disku se může stát , že se nějaká data vždy ztratí. Nemá se to dělat když máš důležitá data na obou discích. Byla to chyba. Tady se toho nedá dělat moc. Musíš prověřit windows , některé programy nainstalovat znovu , taky možná bude hrát , to , že disk není úplně OK.
Můžeš udělat znovu CDI.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

neca
Level 2
Level 2
Příspěvky: 164
Registrován: leden 12
Pohlaví: Muž

Re: Preventivní kontrola PC a čištění před tvorbou zálohy.

Příspěvekod neca » 14 úno 2019 18:11

Ashampoo_Snap_čtvrtek 14. února 2019_09h03m53s_001_.jpg
jaro3 píše:sloučením disku se může stát , že se nějaká data vždy ztratí. Nemá se to dělat když máš důležitá data na obou discích. Byla to chyba. Tady se toho nedá dělat moc. Musíš prověřit windows , některé programy nainstalovat znovu , taky možná bude hrát , to , že disk není úplně OK.
Můžeš udělat znovu CDI.

Programy ty co dělají paseku jsem přeinstaloval. Dělit už disk nechci. Důležitá data mám zálohovaná, byť to občas napsalo, že z disku 2 WD z některých sektorů nejdou přečíst data. Nové disky jsou už ale na cestě.
Jde o to, že je teď PC pomalé a při instalaci nového programu vyskočí právě ta hláška. Tak jak ji opravit? Ještě jsem vypozoroval že se asi nemá rád winDefender s tou ochranou od IBM k bankovnictví, nějak se to asi možná hádá. No teď by to ale chtělo opravit tu hlášku.

Hláška odstraněna dělá to win defender nedovolí instalaci, musel jsem ho uplně vypnout přes gpedit.mcc přes vlastnosti
napadlo to synátora. To je mazec. takže to je také v cajku teĎ mám teda ještě udělat nějaký log ať víme že je PC v cajku jak od viru tak bordelu a ze je v kondici?
Nemáte oprávnění prohlížet přiložené soubory.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 40010
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Preventivní kontrola PC a čištění před tvorbou zálohy.

Příspěvekod jaro3 » 14 úno 2019 19:52

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt

Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

neca
Level 2
Level 2
Příspěvky: 164
Registrován: leden 12
Pohlaví: Muž

Re: Preventivní kontrola PC a čištění před tvorbou zálohy.

Příspěvekod neca » 14 úno 2019 20:34

OTL Extras logfile created on: 14.02.2019 20:14:41 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Roman\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.17763.0)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: dd.MM.yyyy

7,94 Gb Total Physical Memory | 5,55 Gb Available Physical Memory | 69,83% Memory free
9,82 Gb Paging File | 6,65 Gb Available in Paging File | 67,68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 222,08 Gb Total Space | 81,94 Gb Free Space | 36,90% Space Free | Partition Type: NTFS
Drive D: | 149,05 Gb Total Space | 106,78 Gb Free Space | 71,64% Space Free | Partition Type: NTFS

Computer Name: DESKTOP-O6D3TT1 | User Name: Roman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature]
"DisableAvCheck" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = C6 A0 A9 7C 4F C4 D4 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature]
"DisableAvCheck" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0EB1C376-EAF0-437D-B4CE-9DF62FC4CB4B}" = lport=8125 | protocol=6 | dir=in | name=burst api |
"{316F1C9E-4877-42F6-966E-30599C887CFD}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{5C0DA9F6-AB80-44FE-889D-7315E95D53D7}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{82DC56C5-9CEC-431A-BB03-25E84BC1BFA2}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{852BEC26-A0FA-4B64-93EB-BBF82074D1B8}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{8686EF87-6903-4803-9858-016BE76F23A3}" = lport=47995 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{8DDD8209-CAE2-41F5-8051-F7535BBACB07}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{BA7F3BE0-6D50-4442-B04B-249159F34548}" = lport=8123 | protocol=6 | dir=in | name=burst peers |
"{C2EE37FD-06AF-4DC4-B6B6-2EE38F2DA13E}" = lport=2968 | protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"{D0F4386F-C2DE-469A-89EB-077A5F73EFF1}" = lport=2968 | protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"{EAF6699F-C4C0-465A-A933-26DCADB005CA}" = lport=48010 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{EE47111E-374C-48BF-B5F5-80BAB1A6173B}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0123B9E1-6C73-45D1-BDA5-EE93263329F7}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0175C699-D1A5-451A-815A-4D434BFD412C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{01D5351C-6382-4F22-BE65-B2BDC86BDA02}" = protocol=17 | dir=in | app=d:\programy\steam\steamapps\common\crossout\launcher.exe |
"{04383900-DD71-483C-9753-A1C6BD4F195E}" = dir=out | name=@{microsoft.lockapp_10.0.17763.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{05B8301E-BC0F-4B49-AEAF-2EF4B5658A85}" = dir=in | name=microsoft sticky notes |
"{0677CC7C-9006-4E56-88B5-B9B9B6F2F203}" = dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"{0A021D85-3F93-4C07-B324-0560ACD02F79}" = dir=out | name=@{microsoft.bingnews_4.28.3242.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithtagline} |
"{0A624E9C-517A-43D0-AE49-27744280B771}" = dir=out | name=@{microsoft.messaging_4.1810.2922.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{0C84A9CD-C19C-4150-89F2-50FBDF11414D}" = dir=out | name=@{microsoft.bingweather_4.28.10351.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{0D1FA3A2-29F9-4653-B3DE-17FFE655A8AD}" = dir=out | name=@{microsoft.people_10.1811.3343.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{0E257235-F5FF-4ADD-A4DC-93B6C56D0C5E}" = dir=out | name=microsoft pay |
"{0EA0024B-D5A5-4E49-83C6-D36232310560}" = dir=out | name=3d builder |
"{11F7FC11-198E-4886-ACFC-B894544BABB8}" = protocol=17 | dir=in | app=c:\program files\ccleaner\ccupdate.exe |
"{13C2A688-55B1-4836-ACD0-014C420C4106}" = dir=out | name=@{a278ab0d.marchofempires_3.8.0.13_x86__h6adky7gbf63m?ms-resource://a278ab0d.marchofempires/resources/marchofempires} |
"{1604B5C8-ACB7-4A47-823B-03571AC9A378}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{1626B614-4E71-4DA6-AEB4-B85A8EB43F7F}" = dir=in | app=c:\program files (x86)\acronis\trueimagehome\mobile_backup_status_server.exe |
"{17D4EC0F-214D-49DA-B04D-C92C19A54CE6}" = dir=out | app=c:\games\world_of_tanks\wotlauncher.exe |
"{186CB6C8-DDF3-42EA-9EAC-AA4496EB3C88}" = dir=in | app=c:\program files (x86)\common files\acronis\activeprotection\anti_ransomware_service.exe |
"{1914E070-A12E-4926-87C4-F3EF78FE47CB}" = dir=in | app=c:\program files (x86)\acronis\trueimagehome\trueimage.exe |
"{1A34112D-A535-42E2-A374-179416B7E76C}" = dir=in | name=@{microsoft.windows.photos_2019.18114.17710.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{1DA7C3FD-E96B-4899-8357-20FEA3A296DB}" = protocol=6 | dir=in | app=d:\programy\steam\steamapps\common\crossout\launcher.exe |
"{2123D3D2-F6A9-441C-8C96-6DAEC912035E}" = dir=out | name=@{microsoft.mspaint_5.1811.20017.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mspaint/resources/appname} |
"{2CC1A70F-14A2-4560-AF6B-8603F43C072D}" = protocol=6 | dir=in | app=d:\programy\steam\steam.exe |
"{2EFAC521-D3B6-4132-ADFA-15E9129BA12E}" = dir=out | name=@{microsoft.windows.peopleexperiencehost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.peopleexperiencehost/resources/pkgdisplayname} |
"{2FE1EDC5-7EAF-4975-BB26-3B741BAC4D9D}" = dir=out | name=@{microsoft.windowscamera_2018.825.100.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscamera/resources/appstorename} |
"{300B8546-B33D-448B-A28D-4722E7707379}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1805.2331.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{31951AEE-A596-4A31-BC01-713544D16E44}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1805.2331.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{35375BDE-5A57-4225-8281-5588C64B7AFB}" = dir=in | app=c:\program files (x86)\acronis\trueimagehome\ga_service.exe |
"{377F4D95-41C7-4C5E-A65A-EDE25AEC64C8}" = dir=out | name=@{microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{378BF7B4-1F8E-4118-8540-856F87A9BD0F}" = dir=in | name=@{microsoft.desktopappinstaller_1.0.30311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{3DA501E3-CC53-49EE-B3EE-609E849DC6D8}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3DC845FB-CA44-4004-A2AA-80159CE859DF}" = dir=out | name=@{microsoft.zunemusic_10.19011.11311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{4076AE34-EFC9-47E3-9C49-6FCE92F740F1}" = dir=in | name=@{microsoft.ppiprojection_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{425CA5C8-6179-43F2-B634-BA0A175D6E7E}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.17763.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{44441950-4298-4AE3-A753-720DBC1564AB}" = dir=out | name=microsoft solitaire collection |
"{445015F8-7397-4B1E-A086-6039D146FC59}" = dir=in | name=@{microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{4671C845-C109-4693-9DF0-C66B1EDCE0C1}" = dir=out | name=@{microsoft.yourphone_1.0.20388.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.yourphone/resources/appname} |
"{4B3838EC-9997-4ACD-A055-DCEDE33E2049}" = dir=out | name=@{microsoft.windowscalculator_10.1811.3241.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscalculator/resources/appstorename} |
"{4BD9739A-C15F-4B13-AAFB-BF97A3301809}" = dir=in | app=c:\program files (x86)\common files\acronis\mobilebackupserver\mobile_backup_server.exe |
"{4D759BE4-6284-4B07-93ED-2101401D658E}" = dir=out | name=@{microsoft.getstarted_7.2.13253.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{4E137290-8D9C-44BF-BEA6-65528674E773}" = dir=in | app=c:\program files (x86)\acronis\trueimagehome\trueimagetools.exe |
"{50F36B0D-5BD2-4705-AA0C-B3BA0644A10A}" = dir=in | name=@{microsoft.zunemusic_10.19011.11311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{51E83AD0-A5CC-4662-81E1-63B8F1E9B197}" = dir=out | name=xbox game bar |
"{51F69A6C-2739-465B-A382-1F819FF5A0E2}" = dir=out | name=@{microsoft.win32webviewhost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.win32webviewhost/resources/displayname} |
"{5510E2D5-FAE1-4CFA-AB09-9BC8BF370297}" = dir=out | name=minecraft for windows 10 |
"{554B8429-2E75-4217-BBCE-172B0E805B50}" = dir=in | app=c:\program files (x86)\acronis\trueimagehome\acronis_drive.exe |
"{576EF4A0-0737-4BE8-A094-091CDE5BDBF7}" = dir=in | name=minecraft for windows 10 |
"{58D8D548-E40E-4119-8A00-E85986A87977}" = dir=out | name=print 3d |
"{59CC1C47-3D39-4094-819C-5B6C7DD02ED0}" = dir=in | name=@{microsoft.microsoftedge_44.17763.1.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{5B2E5858-B0A6-4FC3-9803-00305D4C2C61}" = dir=in | name=skype |
"{5C31E655-2295-4170-A423-E3BA19AA975C}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.17763.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{5EB705F8-9C59-4D8A-A090-B692BCBC00CE}" = dir=in | name=microsoft solitaire collection |
"{6047C363-A872-4FAC-A7D8-AD77388E3C55}" = dir=out | name=@{microsoft.desktopappinstaller_1.0.30311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{625D6B1C-2717-40A1-8D02-A6DB9DB6F0FD}" = dir=out | name=shell input application |
"{6BEED4A9-E24F-4832-9E17-BF8E429592F8}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.17763.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{76521A65-A80F-437E-8D25-F9F7CCF20A41}" = dir=in | app=c:\program files (x86)\common files\acronis\infrastructure\mms_mini.exe |
"{798FD897-A091-4CEA-81A0-E22E037AB6A0}" = dir=in | name=onenote |
"{7ADE461B-135D-414E-B057-AA3B6AA10B7A}" = dir=in | app=c:\program files (x86)\common files\acronis\trueimagehome\trueimagehomeservice.exe |
"{7AF439CC-7BD2-42F9-9CC0-8BDEF0B1CBED}" = dir=in | app=c:\program files (x86)\acronis\trueimagehome\mediabuilder.exe |
"{7BB21D3B-3881-4E30-AFCF-DFFF569C12DC}" = dir=out | name=@{microsoft.windows.secureassessmentbrowser_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.secureassessmentbrowser/resources/packagedisplayname} |
"{7BF9125F-E61D-45A5-8297-2A3EA8D10E93}" = dir=out | name=@{microsoft.windows.sechealthui_10.0.17763.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} |
"{7D1B4014-1B08-4C90-90E4-B3EB90A6951B}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.17763.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{7D97AB8E-3E6A-45D8-AA63-5CA3283B2163}" = protocol=6 | dir=in | app=e:\car mechanic simulator 2018\steamapps\common\car mechanic simulator 2018\cms2018.exe |
"{7DC83200-5420-464A-A952-8C7250FF2BE5}" = dir=in | name=@{microsoft.xboxgamingoverlay_2.24.5004.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxgamingoverlay/resources/gamebar} |
"{83749C94-B794-45E1-8C15-DE114E9F9A4C}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.17763.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{8647955E-BDA7-41B4-B986-62F93A7A4FAE}" = dir=out | name=xbox |
"{879B1B5F-4F09-4C4E-8EC7-0624D82C3A86}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{8A970E0C-DCC0-42CD-A10B-1DA930BBFD8C}" = dir=out | app=c:\games\world_of_tanks\worldoftanks.exe |
"{92E53219-5068-4566-9260-1B5E78A61143}" = dir=out | name=@{microsoft.windowsmaps_5.1811.3233.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{936B3F7B-2912-47D3-B25A-89EF773905F9}" = protocol=17 | dir=in | app=d:\programy\steam\bin\cef\cef.win7x64\steamwebhelper.exe |
"{9452F83D-BDE0-4771-BF6E-4B7D9EE194BB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{958A69CD-27F2-4DE9-B656-45E6E8117CF9}" = dir=in | name=@{a278ab0d.marchofempires_3.8.0.13_x86__h6adky7gbf63m?ms-resource://a278ab0d.marchofempires/resources/marchofempires} |
"{988113B2-6236-40D9-B32A-3F4967ADCD0C}" = protocol=6 | dir=in | app=d:\programy\steam\bin\cef\cef.win7x64\steamwebhelper.exe |
"{9A677DF2-41DD-41E0-9CD9-970279A4116C}" = dir=in | name=autodesk sketchbook |
"{9B37189F-9956-4102-A5CD-DE9A44E003E9}" = dir=in | name=@{microsoft.win32webviewhost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.win32webviewhost/resources/displayname} |
"{9FD07CC4-D629-4AE8-A985-357232EDC237}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{A0ABD3F6-7758-46FF-B3F3-100D28CF61E6}" = dir=out | name=@{microsoft.mixedreality.portal_2000.19011.1132.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mixedreality.portal/resources/pkgdisplayname} |
"{A3678F93-8792-42FC-8DE1-46799903123D}" = dir=out | name=@{microsoft.windows.oobenetworkcaptiveportal_10.0.17763.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.oobenetworkcaptiveportal/resources/appdisplayname} |
"{A4283DC3-E7CE-443F-8665-4EF83562DF7C}" = dir=out | name=@{microsoft.windows.narratorquickstart_10.0.17763.1_neutral_neutral_8wekyb3d8bbwe?ms-resource://microsoft.windows.narratorquickstart/resources/appdisplayname} |
"{A9D44262-6BC3-474A-8515-AA6F81EC48FF}" = dir=out | name=@{microsoft.xboxidentityprovider_12.46.25001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{AA589F07-0061-450C-8194-A223EADC4D1D}" = dir=out | name=microsoft sticky notes |
"{AD47C878-D236-4408-840C-F9A76F8664F5}" = protocol=6 | dir=in | app=c:\program files\ccleaner\ccupdate.exe |
"{AD83030C-A651-4139-89DB-61A12E9FE47E}" = dir=in | app=c:\program files (x86)\bignox\bignoxvm\rt\noxvmhandle.exe |
"{B2083F7B-060B-4864-AED3-86C584DBF6A8}" = dir=in | name=@{microsoft.messaging_4.1810.2922.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{B39BAA5C-F32B-4888-B74B-DFFB7FDFD9EC}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B4F1CAC3-54B5-44F9-95CB-644597E234EB}" = dir=out | name=@{microsoft.windowsstore_11811.1001.18.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{B534048A-FC10-4DC8-A234-6DEEC013D697}" = dir=in | name=@{microsoft.microsoftofficehub_17.10314.31700.1000_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{B5DA7E77-BE58-49B7-B46A-EC6F6DE47714}" = dir=out | name=@{microsoft.windows.cortana_1.11.5.17763_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{BB7D2368-AE76-4020-BF73-06A3F70613E5}" = dir=out | name=xbox tcui |
"{BD95558A-F225-41E9-ACE8-7206EF380D56}" = dir=in | name=@{microsoft.windowsstore_11811.1001.18.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{BE260B7D-DF01-480B-9C54-3FEBBA435A53}" = dir=in | app=c:\program files (x86)\common files\acronis\syncagent\syncagentsrv.exe |
"{BE72F1D0-F48B-4DF1-83F0-ECE5E84C6941}" = dir=in | name=@{microsoft.oneconnect_5.1901.311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnectstrings/oneconnect/appstorename} |
"{BF56F0E6-5FE5-4297-962F-FCCA130B70E9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{BFE8460A-408B-4616-859B-A542183B93D6}" = dir=out | name=autodesk sketchbook |
"{C0276BB7-DE75-4A3B-91D1-B33EF72CCA05}" = dir=out | name=@{microsoft.microsoftedge_44.17763.1.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{C112217C-FAF5-44D4-8049-04C04EB78AC6}" = dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"{C29F1A6F-5AF1-4A95-A2E6-7595E7453850}" = dir=in | name=xbox |
"{C2C5AE8F-C807-4933-B101-341BD7D9165C}" = dir=out | name=windows_ie_ac_001 |
"{C3B360BC-EA4A-497E-BA8B-44EC3D931BD8}" = dir=in | app=c:\program files (x86)\nox\bin\nox.exe |
"{C58806E3-55CA-4FFE-8672-7B06F6289175}" = dir=out | name=@{microsoft.microsoftofficehub_17.10314.31700.1000_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{C7F6165B-E0B0-4F75-8AC6-519D8C3CC954}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{CCA889A8-537A-4623-8E85-C56BEB7B9D33}" = dir=out | name=@{microsoft.ppiprojection_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{CF02B6C4-D566-432C-BD17-9110B8DB006D}" = dir=in | name=@{microsoft.zunevideo_10.19011.11311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{D19F2803-3CE6-4479-8572-52F8609830DD}" = dir=in | app=c:\program files (x86)\acronis\trueimagehome\systemreport.exe |
"{D3FA1F42-9D63-4E40-8376-C9ED34A5853A}" = dir=out | name=skype |
"{D4033035-8EAE-442D-881B-5993B27A9EFE}" = dir=in | name=print 3d |
"{D49B20A6-922B-4B18-A615-B36305E7CA14}" = protocol=17 | dir=in | app=c:\program files\ccleaner\ccupdate.exe |
"{D7EAB88D-2BA9-439F-A415-093C49E20CB9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{D84DBC1A-F31A-4DD6-A233-623480243177}" = dir=in | name=@{microsoft.yourphone_1.0.20388.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.yourphone/resources/appname} |
"{D88BA187-A0F7-42F1-9049-D5694EA6CBC7}" = dir=out | name=@{microsoft.storepurchaseapp_11811.1001.18.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.storepurchaseapp/resources/displaytitle} |
"{DA099CA3-0845-4049-9496-0BDA5865B0F4}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{DB4F6314-797C-4BED-B57C-45C7EA293A80}" = dir=out | name=onenote |
"{DC8366C5-D747-4719-82F4-F56A4401BC13}" = dir=out | name=@{microsoft.microsoft3dviewer_5.1811.27012.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoft3dviewer/common.view.uwp/resources/storeappname} |
"{DF720423-041E-4960-97C5-D721F9EBAFB7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{E0D98A43-AA7F-44F1-B66A-48C6620EDD7B}" = dir=in | app=c:\program files\zoner\photo studio 17\program32\mediaserver.exe |
"{E2D866C3-1931-48A0-9289-BE12C81E9B60}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{E4F46B72-2487-4842-A3ED-37E0CAC0708D}" = dir=in | app=c:\program files (x86)\acronis\trueimagehome\trueimagemonitor.exe |
"{E59EEC21-C6D0-4EF0-B3BE-58A3EF1BAC9B}" = dir=out | name=@{microsoft.oneconnect_5.1901.311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnectstrings/oneconnect/appstorename} |
"{E63556E9-D36E-4637-8415-37E76117EDFD}" = dir=out | name=@{microsoft.gethelp_10.1706.12921.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.gethelp/resources/appdisplayname} |
"{E8E66809-1BFE-4471-9417-FAD818E0EF6E}" = dir=out | name=@{microsoft.zunevideo_10.19011.11311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{EA31FCA4-0F4F-437E-B019-A58A3CC2BCCE}" = dir=in | name=@{microsoft.windows.cortana_1.11.5.17763_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{ECCA3A91-48A0-400B-8AC1-9EE17D1355AF}" = dir=out | name=windows_ie_ac_001 |
"{ECE9905C-30CE-45B3-9653-2875FD547B27}" = dir=out | name=@{microsoft.accountscontrol_10.0.17763.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{F2E557D1-3991-4DDF-B8AD-7477E6F49FCF}" = dir=out | name=@{microsoft.xboxgamingoverlay_2.24.5004.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxgamingoverlay/resources/gamebar} |
"{F433FCF7-86A4-436A-9F38-B64661BF6C0F}" = protocol=17 | dir=in | app=e:\car mechanic simulator 2018\steamapps\common\car mechanic simulator 2018\cms2018.exe |
"{F4A6C2C8-F84B-4A42-A7EE-931C29DEBC6F}" = protocol=6 | dir=in | app=c:\program files\ccleaner\ccupdate.exe |
"{F50C8D93-85A3-4C13-AAC6-6762A81867E2}" = protocol=17 | dir=in | app=d:\programy\steam\steam.exe |
"{FCDE13FE-5C81-440D-B62A-F21D2ABC455C}" = dir=out | name=@{microsoft.windows.photos_2019.18114.17710.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"TCP Query User{52E97030-BF80-4092-AC51-E124622F27FF}C:\program files\nxt\nxt.exe" = protocol=6 | dir=in | app=c:\program files\nxt\nxt.exe |
"TCP Query User{9FC74FF4-90B0-442A-8A48-181B3A34C7E4}C:\program files\ardor\ardor.exe" = protocol=6 | dir=in | app=c:\program files\ardor\ardor.exe |
"TCP Query User{A3F3CF40-D7BD-4FFC-BCD8-747B281A3292}C:\program files\ardor\ardor.exe" = protocol=6 | dir=in | app=c:\program files\ardor\ardor.exe |
"TCP Query User{E24BB9DC-681B-4990-BB07-82A176373E1B}C:\program files\nxt\nxt.exe" = protocol=6 | dir=in | app=c:\program files\nxt\nxt.exe |
"UDP Query User{3CAEA1AA-7A65-43DD-9AC4-11E2A0334C7C}C:\program files\nxt\nxt.exe" = protocol=17 | dir=in | app=c:\program files\nxt\nxt.exe |
"UDP Query User{4DE31957-91C1-4719-A423-0BD06AC5CBAA}C:\program files\ardor\ardor.exe" = protocol=17 | dir=in | app=c:\program files\ardor\ardor.exe |
"UDP Query User{82200298-4A89-48EA-9137-DAC80D892A33}C:\program files\nxt\nxt.exe" = protocol=17 | dir=in | app=c:\program files\nxt\nxt.exe |
"UDP Query User{F8F0A7D9-873F-4729-A253-99C4A3BF0130}C:\program files\ardor\ardor.exe" = protocol=17 | dir=in | app=c:\program files\ardor\ardor.exe |

neca
Level 2
Level 2
Příspěvky: 164
Registrován: leden 12
Pohlaví: Muž

Re: Preventivní kontrola PC a čištění před tvorbou zálohy.

Příspěvekod neca » 14 úno 2019 20:38

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{71307D56-8005-5F5E-9227-BFA2754D6E54}" = Java(TM) SE Development Kit 10.0.2 (64-bit)
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{9F0B916A-F7DD-4335-923E-397979C6AE1B}_is1" = Active@ UNDELETE Ultimate 10
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{B0169E83-757B-EF66-E2F0-391944D785BC}" = Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel" = NVIDIA Ansel
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 418.91
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 418.91
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 418.91
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 3.17.0.126
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 390.41
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 35.0.0.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.18.0907
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 35.0.0.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer" = DisplayDriverAnalyzer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = NVIDIA SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvAbHub" = NVIDIA ABHub
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend" = NVIDIA Backend
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer" = NVIDIA Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ContainerTelemetryApiHelper" = NVIDIA TelemetryApi helper for NvContainer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem" = NVIDIA LocalSystem Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus" = NVIDIA Message Bus for NvContainer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService" = NVIDIA NetworkService Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor" = NVAPI Monitor plugin for NvContainer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session" = NVIDIA Session Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User" = NVIDIA User Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer" = NVIDIA Display Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS" = NVIDIA Display Container LS
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog" = NVIDIA Display Watchdog Plugin
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer" = NVIDIA Display Session Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs" = NVIDIA NodeJS
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog" = NVIDIA Watchdog Plugin for NvContainer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry" = NVIDIA Telemetry Client
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer" = NVIDIA Telemetry Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci" = NVIDIA Virtual Host Controller
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC" = Nvidia Share
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 3.17.0.126
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = NVIDIA SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 4.11.1
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D559687A-60C5-4786-9429-C21EC195789D}" = ANT Drivers Installer x64
"{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215
"Ardor 2.0.11" = Ardor 2.0.11
"Ardor 2.0.12" = Ardor 2.0.12
"Ardor 2.0.13" = Ardor 2.0.13
"Ardor 2.0.14" = Ardor 2.0.14
"Ardor 2.0.14(1)" = Ardor 2.0.14(1)
"Ardor 2.1.1e" = Ardor 2.1.1e
"Ardor 2.1.2" = Ardor 2.1.2
"Ardor 2.1.2(1)" = Ardor 2.1.2(1)
"CCleaner" = CCleaner
"D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2" = Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1)
"EPSON L386 Series" = EPSON L386 Series Printer Uninstall
"Everything" = Everything 1.4.1.895 (x64)
"F9D2A789F9CFF8CEC36B544F53877C80F1F73C46" = Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"NXT 1.11.10" = NXT 1.11.10
"NXT 1.11.11" = NXT 1.11.11
"NXT 1.11.12" = NXT 1.11.12
"NXT 1.11.13" = NXT 1.11.13
"NXT 1.11.14" = NXT 1.11.14
"NXT 1.11.15" = NXT 1.11.15
"Recuva" = Recuva
"Steam App 386180" = Crossout
"Steam App 645630" = Car Mechanic Simulator 2018
"USB Disk Storage Format Tool_is1" = USB Disk Storage Format Tool 5.3
"WinRAR archiver" = WinRAR 5.31 (64-bit)
"ZonerPhotoStudio17_CZ_is1" = Zoner Photo Studio 17

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}" = ASUS GPU TweakII
"{027399E9-B197-43FF-BE79-490D9F106DDF}" = Acronis True Image
"{027399E9-B197-43FF-BE79-490D9F106DDF}Visible" = Acronis True Image
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{09907A60-5843-4E83-A471-3102A42231B8}_is1" = SD Card Recovery
"{0A11EA01-7909-E272-BFA6-BC39E55F240A}_is1" = Ashampoo Snap 10
"{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9}" = Elevated Installer
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{4830989D-5FA5-41DF-A02F-5D1B4D5C73B8}" = Epson Software Updater
"{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1" = Data Lifeguard Diagnostic version 1.36
"{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}" = EPSON Scan OCR Component
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{69BCE4AC-9572-3271-A2FB-9423BDA36A43}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215
"{6BF9F374-EC67-4808-A90C-F127DE6D989D}" = Epson E-Web Print
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}" = Příručky společnosti EPSON
"{8D7F1211-6E40-43E5-97B2-FAE136D2BBC1}" = Acuity Expert Advisor
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{95D0EADA-5123-41C0-931A-F37946BC0E8E}" = Garmin Express
"{9A5DD901-0B98-4F2B-9421-B5975014184F}_is1" = Kingston SSD Manager version 1.1.1.8
"{9ABD2971-9B8B-4958-9100-4EAFCC32A86D}" = Epson Printer Connection Checker
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-0804-1033-1959-001824298644}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Czech
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{BBF2AC74-720C-3CB3-8291-5E34039232FA}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{d992c12e-cab2-426f-bde3-fb8c53950b0d}" = Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215
"{E244A764-EDD0-46B0-8689-661F6B28D9E5}" = Epson Event Manager
"{e2803110-78b3-4664-a479-3611a381656a}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
"{eab4691c-4022-41cd-8d39-c3097ba62d4b}" = Garmin Express
"{F05A434E-D3CF-4B44-9D3E-779D42090781}" = Epson Easy Photo Print 2
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"Anvi Folder Locker" = Anvi Folder Locker 1.0.1225.0
"CrossOutLauncher_is1" = Crossout Launcher 1.0.3.73
"CrystalDiskInfo_is1" = CrystalDiskInfo 7.5.0
"DocRepair" = DocRepair
"Epson Scan 2" = Epson Scan 2
"Google Chrome" = Google Chrome
"InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}" = ASUS GPU TweakII
"Kingston SSD Toolbox" = Kingston SSD Toolbox (D:\Programy\KingstonSSD toolbox)
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.2.0.1024
"MetaTrader 4 Admiral Markets" = MetaTrader 4 Admiral Markets
"Nox" = Nox APP Player
"NQuotes" = NQuotes
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Rapport_msi" = Ochrana koncového bodu Trusteer
"Securely File Shredder" = Securely File Shredder
"Steam" = Steam

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1" = World of Tanks
"{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1" = Telegram Desktop version 1.5.15
"0122-2184-6270-6926" = JForex Platform
"authy-electron" = Authy Desktop
"OneDriveSetup.exe" = Microsoft OneDrive
"ProRealTime_is1" = ProRealTime
"RESCUE 2013" = RESCUE 2013

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 14.02.2019 7:33:27 | Computer Name = DESKTOP-O6D3TT1 | Source = Application Hang | ID = 1002
Description = Program WinRAR.exe verze 5.31.0.0 přestal spolupracovat s Windows
a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto
problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID
procesu: 2e98 Čas spuštění: 01d4c458e2e7e3cc Čas ukončení: 36588 Cesta k aplikaci:
C:\Program Files\WinRAR\WinRAR.exe ID hlášení: f22704fd-0577-490f-bb92-e25d813c0483

Úplný
název balíčku s chybou: ? ID aplikace relativní podle balíčku s chybou: ? Typ zablokování:
Unknown

Error - 14.02.2019 8:09:24 | Computer Name = DESKTOP-O6D3TT1 | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Steam.exe, verze: 0.0.0.0, časové razítko:
0x5c55d225 Název chybujícího modulu: tier0_s.dll, verze: 0.0.0.0, časové razítko:
0x5c55d1ba Kód výjimky: 0xc0000006 Posun chyby: 0x0001f27d ID chybujícího procesu:
0x2a18 Čas spuštění chybující aplikace: 0x01d4c45ad9d834a2 Cesta k chybující aplikaci:
D:\Programy\Steam\Steam.exe Cesta k chybujícímu modulu: D:\Programy\Steam\tier0_s.dll
ID
zprávy: 51162cdd-910e-47a2-bbca-4bc8b7d3ea2a Úplný název chybujícího balíčku: ? ID
aplikace související s chybujícím balíčkem: ?

Error - 14.02.2019 8:09:24 | Computer Name = DESKTOP-O6D3TT1 | Source = Application Error | ID = 1005
Description = Systém Windows nemůže získat přístup k souboru ? z jednoho z těchto
důvodů: došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen,
nebo s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí. Systém
Windows kvůli této chybě ukončil program Steam.exe. Program: Steam.exe Soubor: ? Hodnota
chyby je uvedena v části Další údaje. Akce uživatele 1. Otevřete soubor znovu. Může
se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud
k souboru stále nelze získat přístup a: - Nachází se v síti, měl by správce sítě
ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat. - Je na vyměnitelném
disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen
do počítače. 3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten
lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz
CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte
klávesu ENTER. 4. Pokud potíže potrvají, obnovte soubor ze záložní kopie. 5. Zjistěte,
zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen.
Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového
hardwaru se žádostí o pomoc. Další údaje Hodnota chyby: C000026E Typ disku: 0

Error - 14.02.2019 8:09:29 | Computer Name = DESKTOP-O6D3TT1 | Source = Application Error | ID = 1000
Description = Název chybující aplikace: steamwebhelper.exe, verze: 0.0.0.0, časové
razítko: 0x5c55d1cf Název chybujícího modulu: ntdll.dll, verze: 10.0.17763.292,
časové razítko: 0x7ded7809 Kód výjimky: 0xc0000006 Posun chyby: 0x0000000000006ad2
ID
chybujícího procesu: 0x2cf0 Čas spuštění chybující aplikace: 0x01d4c45ae201313d Cesta
k chybující aplikaci: D:\Programy\Steam\bin\cef\cef.win7x64\steamwebhelper.exe Cesta
k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll ID zprávy: cfda2f8b-821c-4790-9d85-00600fb31a7e
Úplný
název chybujícího balíčku: ? ID aplikace související s chybujícím balíčkem: ?

Error - 14.02.2019 8:09:29 | Computer Name = DESKTOP-O6D3TT1 | Source = Application Error | ID = 1005
Description = Systém Windows nemůže získat přístup k souboru ? z jednoho z těchto
důvodů: došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen,
nebo s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí. Systém
Windows kvůli této chybě ukončil program steamwebhelper.exe. Program: steamwebhelper.exe
Soubor:
? Hodnota chyby je uvedena v části Další údaje. Akce uživatele 1. Otevřete soubor
znovu. Může se jednat o dočasný problém, který se při novém spuštění programu nebude
opakovat. 2. Pokud k souboru stále nelze získat přístup a: - Nachází se v síti, měl
by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
-
Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je
disk správně vložen do počítače. 3. Zkontrolujte a opravte systém souborů pomocí
nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit,
zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz
CHKDSK /F a stiskněte klávesu ENTER. 4. Pokud potíže potrvají, obnovte soubor ze
záložní kopie. 5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud
ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo
na dodavatele počítačového hardwaru se žádostí o pomoc. Další údaje Hodnota chyby:
C000026E Typ disku: 0

Error - 14.02.2019 8:09:32 | Computer Name = DESKTOP-O6D3TT1 | Source = Application Error | ID = 1000
Description = Název chybující aplikace: steamwebhelper.exe, verze: 0.0.0.0, časové
razítko: 0x5c55d1cf Název chybujícího modulu: ntdll.dll, verze: 10.0.17763.292,
časové razítko: 0x7ded7809 Kód výjimky: 0xc0000006 Posun chyby: 0x0000000000006ad2
ID
chybujícího procesu: 0x2cd0 Čas spuštění chybující aplikace: 0x01d4c45ae2e101b7 Cesta
k chybující aplikaci: D:\Programy\Steam\bin\cef\cef.win7x64\steamwebhelper.exe Cesta
k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll ID zprávy: 424f2f8d-6b33-4708-a8d6-5c23d3543a98
Úplný
název chybujícího balíčku: ? ID aplikace související s chybujícím balíčkem: ?

Error - 14.02.2019 8:09:32 | Computer Name = DESKTOP-O6D3TT1 | Source = Application Error | ID = 1005
Description = Systém Windows nemůže získat přístup k souboru ? z jednoho z těchto
důvodů: došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen,
nebo s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí. Systém
Windows kvůli této chybě ukončil program steamwebhelper.exe. Program: steamwebhelper.exe
Soubor:
? Hodnota chyby je uvedena v části Další údaje. Akce uživatele 1. Otevřete soubor
znovu. Může se jednat o dočasný problém, který se při novém spuštění programu nebude
opakovat. 2. Pokud k souboru stále nelze získat přístup a: - Nachází se v síti, měl
by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
-
Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je
disk správně vložen do počítače. 3. Zkontrolujte a opravte systém souborů pomocí
nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit,
zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz
CHKDSK /F a stiskněte klávesu ENTER. 4. Pokud potíže potrvají, obnovte soubor ze
záložní kopie. 5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud
ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo
na dodavatele počítačového hardwaru se žádostí o pomoc. Další údaje Hodnota chyby:
C000026E Typ disku: 0

Error - 14.02.2019 8:32:37 | Computer Name = DESKTOP-O6D3TT1 | Source = Application Hang | ID = 1002
Description = Program Rescue2013.exe verze 4.2.2.12621 přestal spolupracovat s Windows
a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto
problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID
procesu: 1d90 Čas spuštění: 01d4c4613f6a776d Čas ukončení: 12953 Cesta k aplikaci:
E:\Hry\Rescue\Rescue2013\Rescue2013.exe ID hlášení: 378e9fc3-1f91-4257-834f-8e58b97e3251

Úplný
název balíčku s chybou: ? ID aplikace relativní podle balíčku s chybou: ? Typ zablokování:
Unknown

Error - 14.02.2019 9:53:01 | Computer Name = DESKTOP-O6D3TT1 | Source = Application Hang | ID = 1002
Description = Program Rescue2013.exe verze 4.2.2.12621 přestal spolupracovat s Windows
a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto
problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID
procesu: 2b7c Čas spuštění: 01d4c46c63452cf4 Čas ukončení: 243 Cesta k aplikaci: D:\Hry\Rescue\Rescue2013\Rescue2013.exe

ID
hlášení: 1412be27-635e-432b-b2b8-f8d4b85e5023 Úplný název balíčku s chybou: ? ID
aplikace relativní podle balíčku s chybou: ? Typ zablokování: Unknown

Error - 14.02.2019 12:33:56 | Computer Name = DESKTOP-O6D3TT1 | Source = Acronis Scheduler | ID = 1
Description = Plánovač nemohl spustit úlohu >> "" s GUID '8F3ACC77-DD78-4A7F-A5FD-55B2680C0720'
kvůli chybě 87> (Plánovač obdržel požadavek s neplatným parametrem.).

[ Parameters Events ]
OTL encountered an error while reading this event log. It may be corrupt.
[ State Events ]
OTL encountered an error while reading this event log. It may be corrupt.
Error - 14.02.2019 15:09:56 | Computer Name = DESKTOP-O6D3TT1 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error - 14.02.2019 15:09:58 | Computer Name = DESKTOP-O6D3TT1 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error - 14.02.2019 15:10:00 | Computer Name = DESKTOP-O6D3TT1 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error - 14.02.2019 15:10:03 | Computer Name = DESKTOP-O6D3TT1 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error - 14.02.2019 15:10:05 | Computer Name = DESKTOP-O6D3TT1 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error - 14.02.2019 15:10:07 | Computer Name = DESKTOP-O6D3TT1 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error - 14.02.2019 15:10:09 | Computer Name = DESKTOP-O6D3TT1 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error - 14.02.2019 15:10:11 | Computer Name = DESKTOP-O6D3TT1 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error - 14.02.2019 15:10:32 | Computer Name = DESKTOP-O6D3TT1 | Source = Ntfs | ID = 55
Description = Ve struktuře systému souborů na svazku D: bylo zjištěno poškození.

Bylo
nalezeno poškození ve struktuře indexů systému souborů. Referenční číslo souboru
je 0x2000000005e0a. Název souboru je \Programy\Steam\package\tmp\public. Poškozený
atribut indexu je :$I30:$INDEX_ALLOCATION.

Error - 14.02.2019 15:10:33 | Computer Name = DESKTOP-O6D3TT1 | Source = DCOM | ID = 10016
Description =


< End of report >

neca
Level 2
Level 2
Příspěvky: 164
Registrován: leden 12
Pohlaví: Muž

Re: Preventivní kontrola PC a čištění před tvorbou zálohy.

Příspěvekod neca » 14 úno 2019 20:41

OTL logfile created on: 14.02.2019 20:14:41 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Roman\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.17763.0)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: dd.MM.yyyy

7,94 Gb Total Physical Memory | 5,55 Gb Available Physical Memory | 69,83% Memory free
9,82 Gb Paging File | 6,65 Gb Available in Paging File | 67,68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 222,08 Gb Total Space | 81,94 Gb Free Space | 36,90% Space Free | Partition Type: NTFS
Drive D: | 149,05 Gb Total Space | 106,78 Gb Free Space | 71,64% Space Free | Partition Type: NTFS

Computer Name: DESKTOP-O6D3TT1 | User Name: Roman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Users\Roman\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation)
PRC - D:\Programy\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Node.js)
PRC - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (IBM Corp.)
PRC - C:\Windows\SysWOW64\fontdrvhost.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Games\World_of_Tanks\WargamingGameUpdater.exe (Wargaming.net)
PRC - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe ()
PRC - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe ()
PRC - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe ()
PRC - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe ()
PRC - C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH)
PRC - C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH)
PRC - C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (Acronis International GmbH)
PRC - C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe ()


========== Modules (No Company Name) ==========

MOD - D:\Programy\Steam\video.dll ()
MOD - D:\Programy\Steam\bin\chromehtml.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvShadowPlayAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvBackendAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvABHubAPI.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameStreamAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvUtil.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node ()
MOD - D:\Programy\Steam\SDL2.dll ()
MOD - D:\Programy\Steam\libswscale-4.dll ()
MOD - D:\Programy\Steam\libavcodec-57.dll ()
MOD - D:\Programy\Steam\libavutil-55.dll ()
MOD - D:\Programy\Steam\libavformat-57.dll ()
MOD - D:\Programy\Steam\libavresample-3.dll ()
MOD - C:\Windows\SysWOW64\InputHost.dll ()
MOD - C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll ()
MOD - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe ()
MOD - C:\Program Files (x86)\Common Files\Acronis\Home\resource.dll ()
MOD - C:\Program Files (x86)\Common Files\Acronis\Home\rpc_client.dll ()
MOD - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe ()
MOD - C:\Program Files (x86)\Acronis\TrueImageHome\qt_resources.dll ()
MOD - C:\Program Files (x86)\Acronis\TrueImageHome\qt_supp.dll ()
MOD - C:\Program Files (x86)\Common Files\Acronis\Home\sqlite3.dll ()
MOD - C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll ()
MOD - C:\Program Files (x86)\Common Files\Acronis\Home\sync_agent_api.dll ()
MOD - C:\Program Files (x86)\Acronis\TrueImageHome\afcdpapi.dll ()
MOD - C:\Program Files (x86)\Common Files\Acronis\Home\expat.dll ()
MOD - D:\Programy\Steam\v8.dll ()
MOD - D:\Programy\Steam\icui18n.dll ()
MOD - D:\Programy\Steam\icuuc.dll ()
MOD - D:\Programy\Steam\openvr_api.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (Sense) -- C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe (Microsoft Corporation)
SRV:64bit: - (AssignedAccessManagerSvc) -- C:\Windows\SysNative\assignedaccessmanagersvc.dll (Microsoft Corporation)
SRV:64bit: - (FrameServer) -- C:\Windows\SysNative\FrameServer.dll (Microsoft Corporation)
SRV:64bit: - (BcastDVRUserService) -- C:\Windows\SysNative\bcastdvruserservice.dll (Microsoft Corporation)
SRV:64bit: - (DisplayEnhancementService) -- C:\Windows\SysNative\Microsoft.Graphics.Display.DisplayEnhancementService.dll (Microsoft Corporation)
SRV:64bit: - (DusmSvc) -- C:\Windows\SysNative\dusmsvc.dll (Microsoft Corporation)
SRV:64bit: - (DmEnrollmentSvc) -- C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
SRV:64bit: - (PhoneSvc) -- C:\Windows\SysNative\PhoneService.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (BTAGService) -- C:\Windows\SysNative\BTAGService.dll (Microsoft Corporation)
SRV:64bit: - (SensorService) -- C:\Windows\SysNative\SensorService.dll (Microsoft Corporation)
SRV:64bit: - (icssvc) -- C:\Windows\SysNative\tetheringservice.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\psmsrv.dll (Microsoft Corporation)
SRV:64bit: - (CDPUserSvc) -- C:\Windows\SysNative\cdpusersvc.dll (Microsoft Corporation)
SRV:64bit: - (DsSvc) -- C:\Windows\SysNative\dssvc.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (TokenBroker) -- C:\Windows\SysNative\TokenBroker.dll (Microsoft Corporation)
SRV:64bit: - (SecurityHealthService) -- C:\Windows\SysNative\SecurityHealthService.exe (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (StateRepository) -- C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation)
SRV:64bit: - (CoreMessagingRegistrar) -- C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvmsession) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (NvTelemetryContainer) -- C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation)
SRV:64bit: - (NVDisplay.ContainerLocalSystem) -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation)
SRV:64bit: - (NvContainerNetworkService) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
SRV:64bit: - (NvContainerLocalSystem) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
SRV:64bit: - (UevAgentService) -- C:\Windows\SysNative\AgentService.exe (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AppVClient) -- C:\Windows\SysNative\AppVClient.exe (Microsoft Corporation)
SRV:64bit: - (ssh-agent) -- C:\Windows\SysNative\OpenSSH\ssh-agent.exe ()
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (RetailDemo) -- C:\Windows\SysNative\RDXService.dll (Microsoft Corporation)
SRV:64bit: - (DevicePickerUserSvc) -- C:\Windows\SysNative\Windows.Devices.Picker.dll (Microsoft Corporation)
SRV:64bit: - (WalletService) -- C:\Windows\SysNative\WalletService.dll (Microsoft Corporation)
SRV:64bit: - (wlpasvc) -- C:\Windows\SysNative\lpasvc.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (spectrum) -- C:\Windows\SysNative\Spectrum.exe (Microsoft Corporation)
SRV:64bit: - (SharedRealitySvc) -- C:\Windows\SysNative\SharedRealitySvc.dll (Microsoft Corporation)
SRV:64bit: - (SmsRouter) -- C:\Windows\SysNative\SmsRouterSvc.dll (Microsoft Corporation)
SRV:64bit: - (diagsvc) -- C:\Windows\SysNative\DiagSvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (TieringEngineService) -- C:\Windows\SysNative\TieringEngineService.exe (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (cbdhsvc) -- C:\Windows\SysNative\CBDHSvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (ConsentUxUserSvc) -- C:\Windows\SysNative\ConsentUxClient.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (XboxNetApiSvc) -- C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
SRV:64bit: - (SgrmBroker) -- C:\Windows\SysNative\SgrmBroker.exe (Microsoft Corporation)
SRV:64bit: - (perceptionsimulation) -- C:\Windows\SysNative\PerceptionSimulation\PerceptionSimulationService.exe (Microsoft Corporation)
SRV:64bit: - (HvHost) -- C:\Windows\SysNative\hvhostsvc.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (SensorDataService) -- C:\Windows\SysNative\SensorDataService.exe (Microsoft Corporation)
SRV:64bit: - (RmSvc) -- C:\Windows\SysNative\RMapi.dll (Microsoft Corporation)
SRV:64bit: - (PrintWorkflowUserSvc) -- C:\Windows\SysNative\PrintWorkflowService.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (dmwappushservice) -- C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (UserManager) -- C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (diagnosticshub.standardcollector.service) -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (Microsoft Corporation)
SRV:64bit: - (NetSetupSvc) -- C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (WpnUserService_4ab37) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_4ab37) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_4ab37) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PrintWorkflowUserSvc_4ab37) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_4ab37) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_4ab37) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_4ab37) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (DevicesFlowUserSvc_4ab37) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (DevicePickerUserSvc_4ab37) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (ConsentUxUserSvc_4ab37) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (CDPUserSvc_4ab37) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (cbdhsvc_4ab37) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (CaptureService_4ab37) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (BluetoothUserService_4ab37) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (BcastDVRUserService_4ab37) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (CaptureService) -- C:\Windows\SysNative\CaptureService.dll (Microsoft Corporation)
SRV:64bit: - (DevicesFlowUserSvc) -- C:\Windows\SysNative\DevicesFlowBroker.dll (Microsoft Corporation)
SRV:64bit: - (shpamsvc) -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
SRV:64bit: - (UsoSvc) -- C:\Windows\SysNative\usocore.dll (Microsoft Corporation)
SRV:64bit: - (BthAvctpSvc) -- C:\Windows\SysNative\BthAvctpSvc.dll (Microsoft Corporation)
SRV:64bit: - (InstallService) -- C:\Windows\SysNative\InstallService.dll (Microsoft Corporation)
SRV:64bit: - (UserDataSvc) -- C:\Windows\SysNative\UserDataService.dll (Microsoft Corporation)
SRV:64bit: - (NgcSvc) -- C:\Windows\SysNative\ngcsvc.dll (Microsoft Corporation)
SRV:64bit: - (NgcCtnrSvc) -- C:\Windows\SysNative\NgcCtnrSvc.dll (Microsoft Corporation)
SRV:64bit: - (EntAppSvc) -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (WaaSMedicSvc) -- C:\Windows\SysNative\WaaSMedicSvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (WpnService) -- C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation)
SRV:64bit: - (WpnUserService) -- C:\Windows\SysNative\WpnUserService.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
SRV:64bit: - (SEMgrSvc) -- C:\Windows\SysNative\SEMgrSvc.dll (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc) -- C:\Windows\SysNative\Unistore.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (PushToInstall) -- C:\Windows\SysNative\PushToInstall.dll (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc) -- C:\Windows\SysNative\PimIndexMaintenance.dll (Microsoft Corporation)
SRV:64bit: - (MapsBroker) -- C:\Windows\SysNative\moshost.dll (Microsoft Corporation)
SRV:64bit: - (LicenseManager) -- C:\Windows\SysNative\LicenseManagerSvc.dll (Microsoft Corporation)
SRV:64bit: - (DoSvc) -- C:\Windows\SysNative\dosvc.dll (Microsoft Corporation)
SRV:64bit: - (GraphicsPerfSvc) -- C:\Windows\SysNative\GraphicsPerfSvc.dll (Microsoft Corporation)
SRV:64bit: - (WarpJITSvc) -- C:\Windows\SysNative\Windows.WARP.JITService.dll (Microsoft Corporation)
SRV:64bit: - (ClipSVC) -- C:\Windows\SysNative\ClipSVC.dll (Microsoft Corporation)
SRV:64bit: - (CDPSvc) -- C:\Windows\SysNative\cdpsvc.dll (Microsoft Corporation)
SRV:64bit: - (camsvc) -- C:\Windows\SysNative\CapabilityAccessManager.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (embeddedmode) -- C:\Windows\SysNative\embeddedmodesvc.dll (Microsoft Corporation)
SRV:64bit: - (tzautoupdate) -- C:\Windows\SysNative\tzautoupdate.dll (Microsoft Corporation)
SRV:64bit: - (AJRouter) -- C:\Windows\SysNative\AJRouter.dll (Microsoft Corporation)
SRV:64bit: - (TimeBrokerSvc) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (NaturalAuthentication) -- C:\Windows\SysNative\NaturalAuth.dll (Microsoft Corporation)
SRV:64bit: - (DevQueryBroker) -- C:\Windows\SysNative\DevQueryBroker.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (WManSvc) -- C:\Windows\SysNative\Windows.Management.Service.dll (Microsoft Corporation)
SRV:64bit: - (WFDSConMgrSvc) -- C:\Windows\SysNative\WFDSConMgrSvc.dll (Microsoft Corporation)
SRV:64bit: - (WpcMonSvc) -- C:\Windows\SysNative\WpcDesktopMonSvc.dll (Microsoft Corporation)
SRV:64bit: - (XblAuthManager) -- C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
SRV:64bit: - (wisvc) -- C:\Windows\SysNative\FlightSettings.dll (Microsoft Corporation)
SRV:64bit: - (BluetoothUserService) -- C:\Windows\SysNative\Microsoft.Bluetooth.UserService.dll (Microsoft Corporation)
SRV:64bit: - (VacSvc) -- C:\Windows\SysNative\vac.dll (Microsoft Corporation)
SRV:64bit: - (LxpSvc) -- C:\Windows\SysNative\LanguageOverlayServer.dll (Microsoft Corporation)
SRV:64bit: - (XblGameSave) -- C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
SRV:64bit: - (XboxGipSvc) -- C:\Windows\SysNative\xboxgipsvc.dll (Microsoft Corporation)
SRV:64bit: - (IpxlatCfgSvc) -- C:\Windows\SysNative\ipxlatcfg.dll (Microsoft Corporation)
SRV:64bit: - (MessagingService) -- C:\Windows\SysNative\MessagingService.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc) -- C:\Windows\SysNative\APHostService.dll (Microsoft Corporation)
SRV:64bit: - (EpsonScanSvc) -- C:\Windows\SysNative\escsvc64.exe (Seiko Epson Corporation)
SRV - (PrintWorkflowUserSvc) -- C:\Windows\SysWOW64\PrintWorkflowService.dll (Microsoft Corporation)
SRV - (DmEnrollmentSvc) -- C:\Windows\SysWOW64\Windows.Internal.Management.dll (Microsoft Corporation)
SRV - (StateRepository) -- C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation)
SRV - (TokenBroker) -- C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)
SRV - (CoreMessagingRegistrar) -- C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation)
SRV - (GoogleChromeElevationService) -- C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.109\elevation_service.exe (Google Inc.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (EasyAntiCheat) -- C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Ltd)
SRV - (RapportMgmtService) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (IBM Corp.)
SRV - (WdNisSvc) -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\NisSrv.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe (Microsoft Corporation)
SRV - (DevicePickerUserSvc) -- C:\Windows\SysWOW64\Windows.Devices.Picker.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (UnistoreSvc) -- C:\Windows\SysWOW64\Unistore.dll (Microsoft Corporation)
SRV - (InstallService) -- C:\Windows\SysWOW64\InstallService.dll (Microsoft Corporation)
SRV - (tzautoupdate) -- C:\Windows\SysWOW64\tzautoupdate.dll (Microsoft Corporation)
SRV - (wisvc) -- C:\Windows\SysWOW64\FlightSettings.dll (Microsoft Corporation)
SRV - (PrintNotify) -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Everything) -- D:\Programy\Everythink\Everything\Everything.exe ()
SRV - (afcdpsrv) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe ()
SRV - (mobile_backup_status_server) -- C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe ()
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe ()
SRV - (syncagentsrv) -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe ()
SRV - (mmsminisrv) -- C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH)
SRV - (mobile_backup_server) -- C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH)
SRV - (AcronisActiveProtectionService) -- C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH)
SRV - (asHmComSvc) -- C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe (ASUSTeK Computer Inc.)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes)
SRV - (asComSvc) -- C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe ()


========== Driver Services (SafeList) ==========

neca
Level 2
Level 2
Příspěvky: 164
Registrován: leden 12
Pohlaví: Muž

Re: Preventivní kontrola PC a čištění před tvorbou zálohy.

Příspěvekod neca » 14 úno 2019 20:42

DRV:64bit: - (MsSecFlt) -- C:\Windows\SysNative\drivers\mssecflt.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (ReFSv1) -- C:\WINDOWS\SysNative\drivers\refsv1.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRT) -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (bindflt) -- C:\Windows\SysNative\drivers\bindflt.sys (Microsoft Corporation)
DRV:64bit: - (wcnfs) -- C:\Windows\SysNative\drivers\wcnfs.sys (Microsoft Corporation)
DRV:64bit: - (MMCSS) -- C:\Windows\SysNative\drivers\mmcss.sys (Microsoft Corporation)
DRV:64bit: - (storqosflt) -- C:\Windows\SysNative\drivers\storqosflt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (iorate) -- C:\Windows\SysNative\drivers\iorate.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (nvlddmkm) -- C:\Windows\SysNative\DriverStore\FileRepository\nv_dispi.inf_amd64_21a764822be8dff8\nvlddmkm.sys (NVIDIA Corporation)
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (RapportKE64) -- C:\Windows\SysNative\drivers\RapportKE64.sys (IBM Corp.)
DRV:64bit: - (RapportHades64) -- C:\Windows\SysNative\drivers\RapportHades64.sys (IBM Corp.)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\wd\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\wd\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\wd\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (nvvhci) -- C:\Windows\SysNative\drivers\nvvhci.sys (NVIDIA Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (UevAgentDriver) -- C:\Windows\SysNative\drivers\UevAgentDriver.sys (Microsoft Corporation)
DRV:64bit: - (SpatialGraphFilter) -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys (Microsoft Corporation)
DRV:64bit: - (AppvVemgr) -- C:\Windows\SysNative\drivers\AppvVemgr.sys (Microsoft Corporation)
DRV:64bit: - (AppvVfs) -- C:\Windows\SysNative\drivers\AppvVfs.sys (Microsoft Corporation)
DRV:64bit: - (AppvStrm) -- C:\Windows\SysNative\drivers\AppVStrm.sys (Microsoft Corporation)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (MbbCx) -- C:\Windows\SysNative\drivers\MbbCx.sys (Microsoft Corporation)
DRV:64bit: - (irda) -- C:\Windows\SysNative\drivers\irda.sys (Microsoft Corporation)
DRV:64bit: - (PktMon) -- C:\Windows\SysNative\drivers\PktMon.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (SgrmAgent) -- C:\Windows\SysNative\drivers\SgrmAgent.sys (Microsoft Corporation)
DRV:64bit: - (hvservice) -- C:\Windows\SysNative\drivers\hvservice.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (afunix) -- C:\Windows\SysNative\drivers\afunix.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (NetAdapterCx) -- C:\Windows\SysNative\drivers\NetAdapterCx.sys (Microsoft Corporation)
DRV:64bit: - (WinQuic) -- C:\Windows\SysNative\drivers\winquic.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (CldFlt) -- C:\Windows\SysNative\drivers\cldflt.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (applockerfltr) -- C:\Windows\SysNative\drivers\applockerfltr.sys (Microsoft Corporation)
DRV:64bit: - (WdmCompanionFilter) -- C:\Windows\SysNative\drivers\WdmCompanionFilter.sys (Microsoft Corporation)
DRV:64bit: - (Ufx01000) -- C:\Windows\SysNative\drivers\ufx01000.sys (Microsoft Corporation)
DRV:64bit: - (wcifs) -- C:\Windows\SysNative\drivers\wcifs.sys (Microsoft Corporation)
DRV:64bit: - (UcmTcpciCx0101) -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (UcmCx0101) -- C:\Windows\SysNative\drivers\UcmCx.sys (Microsoft Corporation)
DRV:64bit: - (UcmUcsiCx0101) -- C:\Windows\SysNative\drivers\UcmUcsiCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (UrsCx01000) -- C:\Windows\SysNative\drivers\urscx01000.sys (Microsoft Corporation)
DRV:64bit: - (IndirectKmd) -- C:\Windows\SysNative\drivers\IndirectKmd.sys (Microsoft Corporation)
DRV:64bit: - (cnghwassist) -- C:\Windows\SysNative\drivers\cnghwassist.sys (Microsoft Corporation)
DRV:64bit: - (HwNClx0101) -- C:\Windows\SysNative\drivers\mshwnclx.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (bam) -- C:\Windows\SysNative\drivers\bam.sys (Microsoft Corporation)
DRV:64bit: - (wdiwifi) -- C:\Windows\SysNative\drivers\WdiWiFi.sys (Microsoft Corporation)
DRV:64bit: - (WinNat) -- C:\Windows\SysNative\drivers\winnat.sys (Microsoft Corporation)
DRV:64bit: - (Ucx01000) -- C:\Windows\SysNative\drivers\Ucx01000.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (FileCrypt) -- C:\Windows\SysNative\drivers\filecrypt.sys (Microsoft Corporation)
DRV:64bit: - (UdeCx) -- C:\Windows\SysNative\drivers\Udecx.sys (Microsoft Corporation)
DRV:64bit: - (IPT) -- C:\Windows\SysNative\drivers\ipt.sys (Microsoft Corporation)
DRV:64bit: - (Ramdisk) -- C:\Windows\SysNative\drivers\ramdisk.sys (Microsoft Corporation)
DRV:64bit: - (GpuEnergyDrv) -- C:\Windows\SysNative\drivers\gpuenergydrv.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc.sys (Microsoft Corporation)
DRV:64bit: - (ufxsynopsys) -- C:\Windows\SysNative\drivers\ufxsynopsys.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (UfxChipidea) -- C:\Windows\SysNative\drivers\UfxChipidea.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (UcmUcsi) -- C:\Windows\SysNative\drivers\UcmUcsi.sys (Microsoft Corporation)
DRV:64bit: - (hidspi) -- C:\Windows\SysNative\drivers\hidspi.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (Microsoft_Bluetooth_AvrcpTransport) -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.AvrcpTransport.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (hidinterrupt) -- C:\Windows\SysNative\drivers\hidinterrupt.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (buttonconverter) -- C:\Windows\SysNative\drivers\buttonconverter.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (BthMini) -- C:\Windows\SysNative\drivers\BthMini.SYS (Microsoft Corporation)
DRV:64bit: - (hvcrash) -- C:\Windows\SysNative\drivers\hvcrash.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (UcmUcsiAcpiClient) -- C:\Windows\SysNative\drivers\UcmUcsiAcpiClient.sys (Microsoft Corporation)
DRV:64bit: - (UrsChipidea) -- C:\Windows\SysNative\drivers\urschipidea.sys (Microsoft Corporation)
DRV:64bit: - (UrsSynopsys) -- C:\Windows\SysNative\drivers\urssynopsys.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (genericusbfn) -- C:\Windows\SysNative\drivers\genericusbfn.sys (Microsoft Corporation)
DRV:64bit: - (vmgid) -- C:\Windows\SysNative\drivers\vmgid.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRTProxy) -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys (Microsoft Corporation)
DRV:64bit: - (cht4vbd) -- C:\Windows\SysNative\drivers\cht4vx64.sys (Chelsio Communications)
DRV:64bit: - (mlx4_bus) -- C:\Windows\SysNative\drivers\mlx4_bus.sys (Mellanox)
DRV:64bit: - (iaStorAVC) -- C:\Windows\SysNative\drivers\iaStorAVC.sys (Intel Corporation)
DRV:64bit: - (ibbus) -- C:\Windows\SysNative\drivers\ibbus.sys (Mellanox)
DRV:64bit: - (mausbhost) -- C:\Windows\SysNative\drivers\mausbhost.sys (Microsoft Corporation)
DRV:64bit: - (cht4iscsi) -- C:\Windows\SysNative\drivers\cht4sx64.sys (Chelsio Communications)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (SmartSAMD) -- C:\Windows\SysNative\drivers\SmartSAMD.sys (Microsemi Corportation)
DRV:64bit: - (ndfltr) -- C:\Windows\SysNative\drivers\ndfltr.sys (Mellanox)
DRV:64bit: - (nvdimm) -- C:\Windows\SysNative\drivers\nvdimm.sys (Microsoft Corporation)
DRV:64bit: - (scmbus) -- C:\Windows\SysNative\drivers\scmbus.sys (Microsoft Corporation)
DRV:64bit: - (pmem) -- C:\Windows\SysNative\drivers\pmem.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (WinVerbs) -- C:\Windows\SysNative\drivers\winverbs.sys (Mellanox)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (percsas3i) -- C:\Windows\SysNative\drivers\percsas3i.sys (Avago Technologies)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\DriverStore\FileRepository\basicdisplay.inf_amd64_5103ac179273be89\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (percsas2i) -- C:\Windows\SysNative\drivers\percsas2i.sys (Avago Technologies)
DRV:64bit: - (mausbip) -- C:\Windows\SysNative\drivers\mausbip.sys (Microsoft Corporation)
DRV:64bit: - (storufs) -- C:\Windows\SysNative\drivers\storufs.sys (Microsoft Corporation)
DRV:64bit: - (bttflt) -- C:\Windows\SysNative\drivers\bttflt.sys (Microsoft Corporation)
DRV:64bit: - (WinMad) -- C:\Windows\SysNative\drivers\winmad.sys (Mellanox)
DRV:64bit: - (vhf) -- C:\Windows\SysNative\drivers\vhf.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\DriverStore\FileRepository\basicrender.inf_amd64_0b8d03c3bc0e7fd9\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (volume) -- C:\Windows\SysNative\drivers\volume.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (QLogic Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (QLogic Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (ItSas35i) -- C:\Windows\SysNative\drivers\ItSas35i.sys (Avago Technologies)
DRV:64bit: - (LSI_SAS3i) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys (Avago Technologies)
DRV:64bit: - (CapImg) -- C:\Windows\SysNative\drivers\capimg.sys (Microsoft Corporation)
DRV:64bit: - (LSI_SAS2i) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys (LSI Corporation)
DRV:64bit: - (rhproxy) -- C:\Windows\SysNative\drivers\rhproxy.sys (Microsoft Corporation)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (megasas35i) -- C:\Windows\SysNative\drivers\megasas35i.sys (Avago Technologies)
DRV:64bit: - (megasas2i) -- C:\Windows\SysNative\drivers\MegaSas2i.sys (Avago Technologies)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (SDFRd) -- C:\Windows\SysNative\drivers\SDFRd.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (AcpiDev) -- C:\Windows\SysNative\drivers\AcpiDev.sys (Microsoft Corporation)
DRV:64bit: - (swenum) -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_31f554b660026323\swenum.sys (Microsoft Corporation)
DRV:64bit: - (PNPMEM) -- C:\Windows\SysNative\drivers\pnpmem.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (e1iexpress) -- C:\Windows\SysNative\drivers\e1i63x64.sys (Intel Corporation)
DRV:64bit: - (xboxgip) -- C:\Windows\SysNative\drivers\xboxgip.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSS2i_I2C_CNL) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_CNL.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_I2C_GLK) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_GLK.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_I2C_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_I2C) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys (Intel Corporation)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2_CNL) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_CNL.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2_GLK) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_GLK.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys (Intel Corporation)
DRV:64bit: - (iai2c) -- C:\Windows\SysNative\drivers\iai2c.sys (Intel(R) Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys (Intel Corporation)
DRV:64bit: - (CAD) -- C:\Windows\SysNative\drivers\CAD.sys (Microsoft Corporation)
DRV:64bit: - (xinputhid) -- C:\Windows\SysNative\drivers\xinputhid.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_e4d35af746093dc3\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (iagpio) -- C:\Windows\SysNative\drivers\iagpio.sys (Intel(R) Corporation)
DRV:64bit: - (ZAM_Guard) -- C:\Windows\SysNative\drivers\zamguard64.sys (Zemana Ltd.)
DRV:64bit: - (file_protector) -- C:\Windows\SysNative\drivers\file_protector.sys (Acronis International GmbH)
DRV:64bit: - (file_tracker) -- C:\Windows\SysNative\drivers\file_tracker.sys (Acronis International GmbH)
DRV:64bit: - (tnd) -- C:\Windows\SysNative\drivers\tnd.sys (Acronis International GmbH)
DRV:64bit: - (virtual_file) -- C:\Windows\SysNative\drivers\virtual_file.sys (Acronis International GmbH)
DRV:64bit: - (volume_tracker) -- C:\Windows\SysNative\drivers\volume_tracker.sys (Acronis International GmbH)
DRV:64bit: - (tib) -- C:\Windows\SysNative\drivers\tib.sys (Acronis International GmbH)
DRV:64bit: - (tib_mounter) -- C:\Windows\SysNative\drivers\tib_mounter.sys (Acronis International GmbH)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis International GmbH)
DRV:64bit: - (fltsrv) -- C:\Windows\SysNative\drivers\fltsrv.sys (Acronis International GmbH)
DRV:64bit: - (IOMap) -- C:\Windows\SysNative\drivers\IOMap64.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys (Intel Corporation)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes)
DRV:64bit: - (AnviFPFltd) -- C:\Windows\SysNative\drivers\AnviFPFltd.sys (AnviSoft.com)
DRV:64bit: - (GenericMount) -- C:\Windows\SysNative\drivers\GenericMount.sys (Symantec Corporation)
DRV - (nvlddmkm) -- C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_21a764822be8dff8\nvlddmkm.sys (NVIDIA Corporation)
DRV - (RapportCerberus_1930247) -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1930247.sys (IBM Corp.)
DRV - (RapportPG64) -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys (IBM Corp.)
DRV - (RapportEI64) -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys (IBM Corp.)
DRV - (RapportAegle64) -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys (IBM Corp.)
DRV - (afunix) -- C:\Windows\SysWOW64\drivers\afunix.sys (Microsoft Corporation)
DRV - (BasicDisplay) -- C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_5103ac179273be89\BasicDisplay.sys (Microsoft Corporation)
DRV - (BasicRender) -- C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_0b8d03c3bc0e7fd9\BasicRender.sys (Microsoft Corporation)
DRV - (swenum) -- C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_31f554b660026323\swenum.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_e4d35af746093dc3\CompositeBus.sys (Microsoft Corporation)
DRV - (YSDrv) -- C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys (BigNox Corporation)
DRV - (GPUIO) -- C:\Program Files (x86)\Common Files\InstallShield\Driver\9\Intel 32\690b33e1-0462-4e84-9bea-c7552b45432a.sys ()


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = CA 41 0A 6A 76 9C D3 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\e-webprint@epson.com: C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2017.11.26 12:19:50 | 000,000,000 | ---D | M]

[2019.02.05 20:43:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roman\AppData\Roaming\Mozilla\Extensions
[2019.02.05 20:43:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roman\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2019.02.05 20:43:25 | 000,419,511 | ---- | M] () (No name found) -- C:\Users\Roman\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\
CHR - Extension: No name found = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_1\
CHR - Extension: No name found = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.2_1\
CHR - Extension: No name found = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof\2.2.11_1\
CHR - Extension: No name found = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_1\
CHR - Extension: No name found = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\
CHR - Extension: No name found = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb\2.6.0_0\
CHR - Extension: No name found = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_1\
CHR - Extension: No name found = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbmnnijcnlegkjjpcfjclmcfggfefdm\3.21.22_0\
CHR - Extension: No name found = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_1\
CHR - Extension: No name found = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\
CHR - Extension: No name found = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\

O1 HOSTS File: ([2019.02.07 21:29:35 | 000,000,841 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\EPSON Software\Easy Photo Print\EPTBL.dll (Seiko Epson Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\EPSON Software\Easy Photo Print\EPTBL.dll (Seiko Epson Corporation)
O3 - HKLM\..\Toolbar: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe ()
O4:64bit: - HKLM..\Run: [MouseDriver] TiltWheelMouse.exe File not found
O4:64bit: - HKLM..\Run: [SecurityHealth] C:\Windows\SysNative\SecurityHealthSystray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (Acronis International GmbH)
O4 - HKLM..\Run: [BCSSync] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe ()
O4 - HKCU..\Run: [AshSnap] C:\Program Files (x86)\Ashampoo\Ashampoo Snap 10\ashsnap.exe (Ashampoo GmbH & Co. KG)
O4 - HKCU..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIRPE.EXE /EPT "EPLTarget\P0000000000000000" /M "L386 Series" File not found
O4 - HKCU..\Run: [Gaijin.Net Agent] C:\Users\Roman\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe (Gaijin Entertainment)
O4 - HKCU..\Run: [GarminExpress] C:\Program Files (x86)\Garmin\Express\express.exe (Garmin Ltd. or its subsidiaries)
O4 - HKCU..\Run: [OneDrive] C:\Users\Roman\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] D:\Programy\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [World of Tanks (1)] C:\Games\World_of_Tanks\WargamingGameUpdater.exe (Wargaming.net)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFullTrustStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUwpStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportFullTrustStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportUwpStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000014 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6fbb34ec-5959-43f9-8070-f89720ac0664}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: CommonCrawl [Bot] a 10 hostů