﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Tomek (2015-11-07 21:44:17)
Running from C:\Users\Tomek\Desktop
Windows 10 Pro (X64) (2015-08-05 15:46:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3958314789-77703271-805275342-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3958314789-77703271-805275342-503 - Limited - Disabled)
Guest (S-1-5-21-3958314789-77703271-805275342-501 - Limited - Disabled)
Tomek (S-1-5-21-3958314789-77703271-805275342-1001 - Administrator - Enabled) => C:\Users\Tomek

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Disabled - Up to date) {F25D0092-CDBE-B303-ADB7-88DE8CDECCF5}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
Aktivator Win 8.1 version for Windows (HKLM-x32\...\{D904AE10-62D4-7CFF-BF91-69B9F8066F32}_is1) (Version: for Windows - )
Aktualizace NVIDIA 2.5.14.5 (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
AMCap (HKLM-x32\...\AMCap) (Version: 9.11.109.4 - Noël Danjou)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Bitcoin Core (64-bit) (HKU\S-1-5-21-3958314789-77703271-805275342-1001\...\Bitcoin Core (64-bit)) (Version: 0.11.0 - Bitcoin Core project)
BitTorrent (HKU\S-1-5-21-3958314789-77703271-805275342-1001\...\BitTorrent) (Version: 7.9.5.41203 - BitTorrent Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.3 - Activision)
Call of Duty(R) 2 (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 2 Patch 1.3 (HKLM-x32\...\{C13E90B0-4E1C-11DB-6784-0152EAA218BE}) (Version: 1.3 - Activision)
Call of Duty(R) 2 Patch 1.3 (x32 Version: 1.3 - ) Hidden
Canon MP Navigator 3.0 (HKLM-x32\...\MP Navigator 3.0) (Version:  - )
Canon MP160 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
COMODO Antivirus (HKLM\...\{367D1EA4-24FD-402F-AFF0-08A678D2EE28}) (Version: 8.2.0.4674 - COMODO Security Solutions Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
deskPDF Studio X (HKLM-x32\...\deskPDF Studio_is1) (Version:  - Docudesk)
DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Hercules DJ Products Series drivers (HKLM-x32\...\{33999F1F-EA46-4E55-A239-1BA803235396}) (Version: 4.HDJS.2009 - Hercules)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Ladička 1.00 (HKLM-x32\...\Ladička 1.00) (Version:  - )
Max Payne (HKLM-x32\...\{39930321-4C58-4B8B-BCBF-342698C9801D}) (Version:  - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MKV TO AVI CONVERTER version 3.0 (HKLM-x32\...\MKV TO AVI CONVERTER_is1) (Version:  - )
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MultiBit HD 0.1.3 (HKLM\...\6925-4794-5772-4956) (Version: 0.1.3 - Bitcoin Solutions Ltd)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nero 9 Essentials (HKLM-x32\...\{7764f10d-4ca5-44ed-968b-619fb396fd5b}) (Version:  - Nero AG)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 355.98 (Version: 355.98 - NVIDIA Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.8 - Power Software Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Registrace uživatele zařízení Canon MP160 (HKLM-x32\...\Registrace uživatele zařízení Canon MP160) (Version:  - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Skype™ 7.11 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.11.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.3 - Synaptics Incorporated)
TomTom HOME (HKLM-x32\...\{0E09BE17-EDEA-42CA-8974-42A587F51510}) (Version: 2.9.8 - Název společnosti:)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUSR_{2B44F588-2B80-4DD3-B577-B10B3C6865EA}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3085581) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6BCC80EE-3B68-4110-8D47-23E04FB6D08D}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3085581) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUSR_{6BCC80EE-3B68-4110-8D47-23E04FB6D08D}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3085581) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6BCC80EE-3B68-4110-8D47-23E04FB6D08D}) (Version:  - Microsoft)
Virtual DJ - Atomix Productions (HKLM-x32\...\Virtual DJ - Atomix Productions) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Warcraft III: All Products (HKU\S-1-5-21-3958314789-77703271-805275342-1001\...\Warcraft III) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3958314789-77703271-805275342-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Tomek\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01980989-1797-447C-886F-2656A301C819} - System32\Tasks\Microsoft\Windows\WS\WSLicenses => C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\WmiPrvSE.exe
Task: {07BEC097-EDBC-422F-825E-8FCCB073D77F} - System32\Tasks\Microsoft\Windows\WS\WSSync => C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\dllhost.exe
Task: {0FB7CE3B-7DB0-460D-9420-FE2F2B5D0FDF} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {1019886E-7215-49D8-BCAA-61D46117E69B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {11CF4D79-014A-4C97-A34E-10B9F9D9FB88} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-05] (COMODO)
Task: {171468E8-2F9B-41F8-A780-8E632A2C9C21} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {2FC994D3-2CD7-4FAE-B2C0-6D3EC3289202} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-05] (COMODO)
Task: {36315DD1-86EA-45C7-A4B8-5FAE1B3A4B3C} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-05] (COMODO)
Task: {3DBE986C-70F1-4A5F-9E55-AE693F99B6EA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2015-05-21] (Microsoft Corporation)
Task: {414C4B20-81D9-456D-9A17-EF2774E6AD87} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-02] (Google Inc.)
Task: {4ABA9D40-4E0D-4EA1-9F62-DFDED2AE3C41} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {712AD28D-EEB4-4B77-B9CF-ACF3784E6224} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {728F757B-46E4-4A7C-9AE6-7C697B0A1215} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-05] (COMODO)
Task: {7E8E4789-28A9-4B1F-A405-F7F612DFEBDE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {7F5ED491-EB29-426A-904F-6EDCAAA068CF} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => D:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {82A27E9B-2E14-4DEF-9B1A-A726D6407D0A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-02] (Google Inc.)
Task: {8414AC8F-B02E-4337-B6F0-BAAF71847F41} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-05] (COMODO)
Task: {878839E9-2A0E-40B5-8A30-FBE9694054A7} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-08-05] (Synaptics Incorporated)
Task: {9CE1D790-8CF4-4C24-B4D0-4EF2141A8168} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A20FF443-4DCB-465E-A4F5-059AF2DFC7A4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {AEEA2267-F9D6-4E0C-A282-FA98D42E0077} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AF61B57C-4C11-44F5-B0C0-CCE949430210} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {AFF42B96-DD2A-462F-8113-1448B8BC501F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {B3EA9835-9161-485B-877E-3C1A00642646} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D317A0C5-5424-4AC9-8645-165DED6D1B42} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E43EBE4A-4661-423E-88F5-10A65F75E5A7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {E578D24B-D0EC-4271-90A3-0B743F939CCB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-10-09] (Apple Inc.)
Task: {F04B2ABA-1250-4A5C-A6E9-9369DA572851} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-14] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-08-05 17:05 - 2015-08-05 17:05 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-03-22 01:19 - 2015-03-08 19:28 - 00038192 _____ () C:\Windows\system32\ddmon5-64x.dll
2013-09-10 12:54 - 2013-09-10 12:54 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-19 12:32 - 2015-08-19 12:32 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-09-06 16:39 - 2007-11-21 11:16 - 00020480 _____ () C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE
2015-10-04 16:21 - 2015-10-04 16:21 - 00075064 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-10-01 15:22 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 15:22 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-17 23:35 - 2015-07-29 19:04 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-10-01 15:22 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-01 15:22 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 15:22 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 15:22 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 15:22 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2012-07-18 18:38 - 2012-07-18 18:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2015-01-08 22:02 - 2015-01-08 22:02 - 00067808 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2015-10-27 12:44 - 2015-10-27 12:45 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-10-27 12:44 - 2015-10-27 12:45 - 10958848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-10-27 12:44 - 2015-10-27 12:45 - 00245760 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-03-30 19:08 - 2015-08-27 01:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-10-22 21:04 - 2015-10-20 15:08 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libglesv2.dll
2015-10-22 21:04 - 2015-10-20 15:08 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Program Files\CCleaner:Win32App
AlternateDataStreams: C:\Program Files\Microsoft Office:Win32App
AlternateDataStreams: C:\Program Files (x86)\Aktivator Win 8.1:Win32App
AlternateDataStreams: C:\Program Files (x86)\Microsoft SQL Server Compact Edition:Win32App
AlternateDataStreams: C:\Program Files (x86)\Microsoft.NET:Win32App
AlternateDataStreams: C:\Program Files (x86)\MKVTOAVI:Win32App
AlternateDataStreams: C:\Program Files (x86)\TomTom HOME 2:Win32App
AlternateDataStreams: C:\Program Files (x86)\Windows Live:Win32App
AlternateDataStreams: C:\Program Files (x86)\WinRAR:Win32App
AlternateDataStreams: C:\WINDOWS\explorer.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\notepad.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\RtlExUpd.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\WLXPGSS.SCR:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\acmigration.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ActionCenter.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\aitstatic.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\AppointmentApis.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentExtensions.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentServer.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\AppxSysprep.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\AudioEndpointBuilder.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\audiosrv.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\browserbroker.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\BthRadioMedia.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\CallHistoryClient.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Chakra.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Chakradiag.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ChatApis.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ci.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\CNCC160.DLL:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\CNCI160.DLL:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\CNCL160.DLL:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\cnco160.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\CNMLM83.DLL:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ContactApis.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\coredpus.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3d9.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\dafWCN.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\diagtrack.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\diagtrack_win.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\diagtrack_wininternal.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\difx64.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\dlnashext.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\dns-sd.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyApp.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyAppv2_0.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\dssvc.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\dwmcore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\DWrite.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\dxgi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\edgehtml.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\EmailApis.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\esent.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\facecredentialprovider.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\fdWCN.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\FntCache.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\fveapi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\fwpolicyiomgr.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\GamePanel.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\GfxUIEx.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Gfxv2_0.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Gfxv4_0.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxCUIService.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxEM.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxext.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxHK.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxSDK.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxTray.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\InputService.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\InstallAgent.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelCpHDCPSvc.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\jscript.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\LicenseManager.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\LocationFrameworkInternalPS.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\LocationPermissions.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\LockAppHost.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\LogonController.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MbaeApiPublic.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MbaeParserTask.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mcupdate_GenuineIntel.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MessagingDataModel2.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MFMediaEngine.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mfmkvsrcsnk.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mfmp4srcsnk.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mfmpeg2srcsnk.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MFPlay.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mfsrcsnk.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MRT.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\msctfuimanager.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mssprxy.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mssrch.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\msxml3.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\msxml6.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MusNotificationUx.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MusUpdateHandlers.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\NetSetupShim.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\NetSetupSvc.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\NetworkStatus.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\notepad.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\NotificationControllerPS.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\NotificationObjFactory.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvapi64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvaudcap64v.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvcuda.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvcuvid.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvd3dumx.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6435286.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6435362.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6435560.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6435850.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6435286.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6435362.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6435560.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6435850.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\NvFBC64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\NvIFR64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvinitx.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvoglshim64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvoglv64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvopencl.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvumdshimx.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvvsvc.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvwgf2umx.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\PackageStateRoaming.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\PhoneCallHistoryApis.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\PimIndexMaintenance.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\PlayToManager.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\provhandlers.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\rdbui.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ReAgent.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\reseteng.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\rpcrt4.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SearchProtocolHost.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SecConfig.efi:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SensorService.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SensorsNativeApi.V2.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers_Notifications.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SharedStartModelShim.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\shell32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\st646469.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SynCOM.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SynTPAPI.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SynTPCo32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SynTPCo33.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\sysmain.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\tetheringclient.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\TextInputFramework.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\TokenBroker.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\tquery.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\twinui.appcore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\twinui.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Unistore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\UserDataAccountApis.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\UserDataService.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\usermgr.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\UserMgrProxy.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\vaultsvc.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\VEDataLayerHelpers.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\VoiceActivationManager.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\VPNv2CSP.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\WcnApi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\WcnNetsh.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wcnwiz.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\WdfCoInstaller01011.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wfdprov.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wifinetworkmanager.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\win32kbase.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\win32kfull.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\WinBioDataModel.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.Cortana.Desktop.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.Devices.Usb.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.StateRepository.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Xaml.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\winload.efi:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\winload.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\winlogon.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\winresume.efi:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\winresume.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\WlanMediaManager.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wpncore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wuautoappupdate.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\WWAHost.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\ActionCenter.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\AppointmentApis.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\CallHistoryClient.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Chakra.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Chakradiag.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\ChatApis.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\ContactApis.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3d9.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\dlnashext.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\dns-sd.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\dwmcore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\DWrite.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\dxgi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\edgehtml.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\EmailApis.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\esent.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\explorer.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\fdWCN.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerApp.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\GamePanel.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\InputService.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\jscript.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\LicenseManager.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\LockAppHost.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\LogonController.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\MbaeApiPublic.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\MessagingDataModel2.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\MFMediaEngine.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\MFPlay.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfsrcsnk.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msctfuimanager.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mssrch.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcr110.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msxml3.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msxml6.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\NetSetupShim.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\notepad.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\NotificationObjFactory.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvapi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvaudcap32v.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcompiler.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcuda.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcuvid.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvd3dum.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\NvFBC.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\NvIFR.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvinit.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvoglshim32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvoglv32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvopencl.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvumdshim.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvwgf2um.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\PackageStateRoaming.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\PlayToManager.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrA.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.xtr:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\ReAgent.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\ReInfo.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\rpcrt4.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\SearchProtocolHost.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\shell32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\SynCom.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\tetheringclient.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\TextInputFramework.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\TokenBroker.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\tquery.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\twinui.appcore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\twinui.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Unistore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\UserDataAccountApis.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\UserMgrProxy.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\VoiceActivationManager.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\WcnApi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\wcnwiz.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\wfdprov.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.StateRepository.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\WWAHost.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\bthhfenum.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\IntcDAud.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mountmgr.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\msgpiowin32.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\netio.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ntfs.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvlddmkm.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvpciflt.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvvad64v.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rdyboost.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\stornvme.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\storport.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\stwrt64.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SynTP.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tunnel.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbhub.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbscan.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\USBXHCI.SYS:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\WdiWiFi.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wof.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wpcfltr.sys:$CmdTcID
AlternateDataStreams: C:\Program Files\Common Files\DESIGNER:Win32App
AlternateDataStreams: C:\Program Files\Common Files\microsoft shared:Win32App
AlternateDataStreams: C:\ProgramData\regid.1991-06.com.microsoft:Win32App
AlternateDataStreams: C:\Users\Tomek\Desktop\0806-Took-Jerbs.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Desktop\11098429_876222019090334_879405527_n.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Desktop\11216812_1037443253002211_1348656323621598821_n.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Desktop\11403160_10203264650611944_3805493821732530454_n.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Desktop\11693996_1598944180357283_1864100559485039561_n.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Desktop\11761923_948520701855762_1766299919_n.mp4:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Desktop\11937042_912748132153314_6158495395838251268_o.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Desktop\4809912913.png:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Desktop\55817213.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Desktop\D-yikes9.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Desktop\donnay-ess-jog-pant-snr53-14.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Desktop\FRST64.exe:$CmdTcID
AlternateDataStreams: C:\Users\Tomek\Desktop\FRST64.exe:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Desktop\FRSTLauncher.exe:$CmdTcID
AlternateDataStreams: C:\Users\Tomek\Desktop\FRSTLauncher.exe:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Desktop\giorgio-3pk-wv-boxer-sn52-9.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Desktop\IDT High Definition Audio CODEC .exe:$CmdTcID
AlternateDataStreams: C:\Users\Tomek\Desktop\IDT High Definition Audio CODEC .exe:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Desktop\image1.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Desktop\Instrucciones.txt:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Desktop\slazenger-5-pack-trainer-socks.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Desktop\Social Club v1.1.5.8 Setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Tomek\Desktop\South.Park.S19E03.HDTV.x264-KILLERS.mp4:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Desktop\South.Park.S19E03.HDTV.x264-KILLERS.srt:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Desktop\soviet-polka-pocket-t-shirt.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Desktop\soviet-stripe-pocket-t-shirt.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Desktop\TC50158600F.exe:$CmdTcID
AlternateDataStreams: C:\Users\Tomek\Desktop\TC50158600F.exe:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Desktop\WireCrafters-Temporary-Prisoner-Holding-Cell.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\AppData\Local\Temp:Win32App
AlternateDataStreams: C:\Users\Tomek\Documents\15-investicni-rozhodovani.doc:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\16.-Hodnota-podniku.docx:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\42_,_Aktiva_a_pasiva_banky.doc:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\42_42_UCETNICTVI_neziskovek.doc:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\42_otazky_dane (1).doc:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\42_otazky_dane (2).doc:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\42_otazky_dane.doc:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\42_otazky_finance (1).doc:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\42_otazky_finance.doc:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\42_Priklad_na_fondy_-_procviceni.doc:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\42_Terminy_pro_3.VOS.doc:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\42_vnitropodnikove_uce__uvod.doc:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\42__Neziskove_organizace_ (1).doc:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\56_2VOS_examination_guidelines_winter_2013.doc:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\56_Market_economy.doc:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\60_POJ_vysledky_T1_2015_doplnek.doc:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\8-Řízení-kurzových-rizik.docx:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\ANJ-presentation.docx:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\anj-zkouska.docx:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\daně 3.voš (2).docx:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\Daně-23.docx:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\finance (2).docx:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\finance (3).docx:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\konzumace+vlastního.docx:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\PCT_raut.xls:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\Pracovní-právo1.docx:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\právo+test+2+Kramer.docx:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\Právo-1.docx:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\sbor.doc:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\směny.xlsx:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\uce-i-teorie.doc:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\Vážená slečno Dřevíkovská.docx:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\www2014_-_3._Legislativa.doc:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\zahrádka.docx:$CmdZnID
AlternateDataStreams: C:\Users\Tomek\Documents\čísla stolů.docx:$CmdZnID

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3958314789-77703271-805275342-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomek\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 172.20.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3958314789-77703271-805275342-1001\...\StartupApproved\Run: => "deskPDF Creator"
HKU\S-1-5-21-3958314789-77703271-805275342-1001\...\StartupApproved\Run: => "TomTomHOME.exe"
HKU\S-1-5-21-3958314789-77703271-805275342-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{EAE2A56F-21D5-4A62-9DA4-4AD762C82864}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B458690F-367C-4C2B-BE7A-90FF45A9FDC5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E5042FEA-785F-4934-B1D7-B231F57258F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{FD11AE78-7A74-4C68-BB31-ABDA1B424836}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A8368D16-6286-487A-B62B-B886927FA564}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{CACDED16-0B6F-4A9F-8450-DF66732A7513}] => (Allow) LPort=1900
FirewallRules: [{18A63624-3729-4BFD-BB64-DA1FCF77896D}] => (Allow) LPort=2869
FirewallRules: [{480FB123-562B-463E-9F35-FF6E2045CB8A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5EC0C951-0087-41DD-B16D-A6D7AB364732}] => (Allow) D:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{04425183-3F82-4999-858F-3902EA1F044C}] => (Allow) D:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{6F443EBD-3A1D-4BDE-A362-D134A810B781}] => (Allow) D:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{1489C6E3-E71C-4843-9FAF-1D1E66D0C3DB}] => (Allow) D:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{66A5EC2A-CCD1-423A-A385-BC0B8EB839F2}] => (Allow) C:\Users\Tomek\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{AB375759-F7BB-46A4-AE3C-D35570DB8D35}] => (Allow) C:\Users\Tomek\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{F22178B2-9801-4B70-BF47-20F8B5D1CC95}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{46C05956-50DA-4651-B96C-693DDFADDC52}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{AF333FFB-78C8-4325-B62C-98111DC9F356}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{2B6EFD91-42A6-442A-8268-76BDC20851D2}D:\bitcoin\bitcoin-qt.exe] => (Allow) D:\bitcoin\bitcoin-qt.exe
FirewallRules: [UDP Query User{B28F043E-69E0-4364-8F89-518B6CCC16B7}D:\bitcoin\bitcoin-qt.exe] => (Allow) D:\bitcoin\bitcoin-qt.exe
FirewallRules: [TCP Query User{882EA224-CEE8-4158-960D-7C3202ADAD5D}D:\program files (x86)\cod_warldatwar\codwaw.exe] => (Allow) D:\program files (x86)\cod_warldatwar\codwaw.exe
FirewallRules: [UDP Query User{4323AB58-1A86-425A-8C42-7ACC3D98A66E}D:\program files (x86)\cod_warldatwar\codwaw.exe] => (Allow) D:\program files (x86)\cod_warldatwar\codwaw.exe
FirewallRules: [{90F49730-1093-466E-9E7F-E3C835A0AEA3}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9F5288D8-21F6-4021-BE8C-3D290722F6BE}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CEE9E873-63A6-4630-BD03-5BE870DB648D}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B3692AD2-3EB9-43FC-BB14-2903A863A494}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{9094AAC0-D4FB-4CF2-8A67-41F3BF10F70B}D:\program files\multibit hd\multibit-hd.exe] => (Allow) D:\program files\multibit hd\multibit-hd.exe
FirewallRules: [UDP Query User{09A55466-21CF-4BCD-A560-F42EE22BB17F}D:\program files\multibit hd\multibit-hd.exe] => (Allow) D:\program files\multibit hd\multibit-hd.exe
FirewallRules: [TCP Query User{37332737-4AAF-42C5-B48A-13CF75F2C080}D:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Allow) D:\program files (x86)\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [UDP Query User{9BAB4C75-D62F-4867-9FDD-C5067545426A}D:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Allow) D:\program files (x86)\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [{BE113654-3923-4711-B057-E1E8F2B25B00}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1F11C2BE-4B57-4CC8-98BD-A381FA65FE86}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2EE0B9A4-DEA5-4DFD-90E5-0990F96BB820}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{AE591410-420F-4581-B2E3-6A7CEF76EAF1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{940A5923-B52B-4810-A007-61D59C04428B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B636AFB0-7593-4F3A-A348-384ECBD1E9CF}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Faulty Device Manager Devices =============

Name: Display
Description: Display
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/07/2015 10:35:29 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (11/07/2015 01:08:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11453

Error: (11/07/2015 01:08:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11453

Error: (11/07/2015 01:08:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/06/2015 08:47:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SystemSettingsBroker.exe, verze: 10.0.10240.16384, časové razítko: 0x559f39c2
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.10240.16384, časové razítko: 0x559f38c3
Kód výjimky: 0xe06d7363
Posun chyby: 0x000000000002a1c8
ID chybujícího procesu: 0x8e0
Čas spuštění chybující aplikace: 0xSystemSettingsBroker.exe0
Cesta k chybující aplikaci: SystemSettingsBroker.exe1
Cesta k chybujícímu modulu: SystemSettingsBroker.exe2
ID zprávy: SystemSettingsBroker.exe3
Úplný název chybujícího balíčku: SystemSettingsBroker.exe4
ID aplikace související s chybujícím balíčkem: SystemSettingsBroker.exe5

Error: (11/06/2015 10:37:37 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (11/05/2015 08:50:37 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (11/04/2015 09:42:14 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (11/03/2015 01:16:59 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (11/02/2015 03:01:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13641


System errors:
=============
Error: (11/07/2015 09:36:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Defender neuspěla při spuštění v důsledku následující chyby: 
%%1053

Error: (11/07/2015 09:36:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Windows Defender bylo dosaženo časového limitu (30000 ms).

Error: (11/07/2015 09:36:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Defender neuspěla při spuštění v důsledku následující chyby: 
%%1053

Error: (11/07/2015 09:36:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Windows Defender bylo dosaženo časového limitu (30000 ms).

Error: (11/07/2015 04:02:04 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY)
Description: Na miniportu Apple Mobile Device Ethernet, {A67DF4C0-EFB2-450A-ACCA-4FFCDA6241DF}, došlo k události 76.

Error: (11/07/2015 03:27:25 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (11/07/2015 02:59:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_Session3 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (11/07/2015 02:16:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): NVIDIA driver update for NVIDIA GeForce 710M.

Error: (11/07/2015 01:46:45 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (11/07/2015 11:35:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_Session2 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.


CodeIntegrity:
===================================
  Date: 2015-11-07 21:39:23.399
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-11-07 21:39:23.393
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-11-07 21:23:19.411
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-11-07 20:57:52.272
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-11-07 20:46:10.852
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-11-07 20:27:09.513
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-11-07 13:56:08.475
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-11-07 11:32:52.423
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-11-07 10:55:07.041
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-11-07 10:43:07.630
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Percentage of memory in use: 59%
Total physical RAM: 4007.97 MB
Available physical RAM: 1622.64 MB
Total Virtual: 5927.97 MB
Available Virtual: 2621.18 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.31 GB) (Free:21.32 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:600.98 GB) (Free:407.99 GB) NTFS
Drive f: (Disc) (CDROM) (Total:2.47 GB) (Free:0 GB) CDFS
Drive h: (Elements) (Fixed) (Total:931.48 GB) (Free:16.67 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: E53CD3C3)
Partition 1: (Active) - (Size=97.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=601 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: BD92437E)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================