Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-11-2017
Ran by micha (11-11-2017 13:40:20)
Running from C:\Users\micha\Desktop
Windows 10 Home Version 1703 15063.674 (X64) (2017-07-05 08:29:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2976775506-2560316150-966240833-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2976775506-2560316150-966240833-503 - Limited - Disabled)
Guest (S-1-5-21-2976775506-2560316150-966240833-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2976775506-2560316150-966240833-1003 - Limited - Enabled)
micha (S-1-5-21-2976775506-2560316150-966240833-1001 - Administrator - Enabled) => C:\Users\micha

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Microsoft Office Proofing Tools 2016“ – lietuvių k. (HKLM\...\{90160000-001F-0427-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
µTorrent (HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\uTorrent) (Version: 3.5.0.43580 - BitTorrent Inc.)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.20) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Alati za jezičnu provjeru u sustavu Microsoft Office 2016 - hrvatski (HKLM\...\{90160000-001F-041A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 372.70 - NVIDIA Corporation) Hidden
Anti-Twin (Installation 20.07.2017) (HKLM-x32\...\Anti-Twin 2017-07-20 19.39.04) (Version:  - Joerg Rosenthal, Germany)
Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.4272 - DsNET Corp)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 17.8.2318 - AVAST Software)
AVerMedia C039 USB Capture Card 10.2.64.103 (HKLM-x32\...\AVerMedia C039 USB Capture Card) (Version: 10.2.64.103 - AVerMedia TECHNOLOGIES, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform)
Công cụ Soát lỗi Microsoft Office 2016 - Tiếng Việt (HKLM\...\{90160000-001F-042A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
CyberLink AudioDirector 7 (HKLM-x32\...\{18C5824A-FD59-453D-9DC1-5D86FA034357}) (Version: 7.0.6822.0 - CyberLink Corp.)
CyberLink ColorDirector 5 (HKLM-x32\...\{293B15F9-91A8-44D4-ACBB-E13E8E2EC97D}) (Version: 5.0.5623.0 - CyberLink Corp.)
CyberLink Holiday Pack vol 7 Holiday Pack 7 (HKLM-x32\...\{FC216422-E2C7-47BF-8010-F858811CC86C}) (Version: 7 - CyberLink Corp.)
CyberLink PhotoDirector 8 (HKLM-x32\...\{80986AB6-3CB0-49db-AB48-1600844D6374}) (Version: 8.0.2031.0 - CyberLink Corp.)
CyberLink PowerDirector 15 (HKLM-x32\...\{FA285575-B543-4E6E-A573-A4F534AC9965}) (Version: 15.0.2509.0 - CyberLink Corp.)
CyberLink PowerDirector Content Pack Essential Essential (HKLM-x32\...\{F2D0453E-3783-490D-9D48-7CC648C4ADFB}) (Version: 1.0 - CyberLink Corp.)
CyberLink PowerDirector Content Pack Premium 1 Premium 1 (HKLM-x32\...\{1B3E7144-6051-455B-809F-50E3CF913869}) (Version: 1 - CyberLink Corp.)
CyberLink PowerDirector Content Pack Premium 2 Premium 2 (HKLM-x32\...\{CF520E54-7DB7-4402-B581-FC0D6734D0C6}) (Version: 2 - CyberLink Corp.)
CyberLink PowerDVD 15 (HKLM-x32\...\{DE85B8F3-D088-4D6E-A970-EE0BC7883A66}) (Version: 15.0.1804.58 - CyberLink Corp.)
CyberLink Travel Pack 3 Travel Pack 3 (HKLM-x32\...\{0C5A57BA-435E-43F3-8040-ADF08D715C8A}) (Version: 3 - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 5620 - CyberLink Corp.)
CyberLink Wedding Pack Wedding Pack (HKLM-x32\...\InstallShield_{741635DB-36DA-4BCF-BB52-0F4C1C4E0DFB}) (Version: Wedding Pack - CyberLink Corp.)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
EnjoyWiFi (HKLM-x32\...\{8948C1BE-92B8-4276-8803-DC71CC78203A}) (Version:  - )
FastDataX 1.20 (HKLM-x32\...\FastDataX_is1) (Version: 1.20 - )
Ferramentas de Verificação do Microsoft Office 2016 - Português (HKLM\...\{90160000-001F-0816-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
FOTOLAB CEWE fotosvet (HKLM-x32\...\FOTOLAB CEWE fotosvet) (Version: 6.1.5 - CEWE Stiftung u Co. KGaA)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HP Support Solutions Framework (HKLM-x32\...\{579A990C-3855-4838-AF23-354CE2264BC0}) (Version: 12.8.37.11 - HP)
iCloud (HKLM\...\{FF99A618-BCA5-4658-B9FF-CCF57C177610}) (Version: 7.1.0.34 - Apple Inc.)
I-Microsoft Office Proofing Tools 2016 - IsiZulu (HKLM\...\{90160000-001F-0435-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Innealan-dearbhaidh Microsoft Office 2016 - Gàidhlig (HKLM\...\{90160000-001F-0491-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Instrumente de verificare Microsoft Office 2016 - Română (HKLM\...\{90160000-001F-0418-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{E6F74D3A-5E93-4DE6-BBC6-7CF175F95214}) (Version: 12.7.1.14 - Apple Inc.)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
K-Lite Mega Codec Pack 11.9.6 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.9.6 - KLCP)
Korrekturredskaber til Microsoft Office 2016 - Dansk (HKLM\...\{90160000-001F-0406-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (bokmål) (HKLM\...\{90160000-001F-0414-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (nynorsk) (HKLM\...\{90160000-001F-0814-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
kpoxaeban 1.00 (HKLM-x32\...\kpoxaeban 1.00) (Version: 1.00 - CompanyKooxa)
LaCie Private Public version 1.0 (HKLM\...\{59A09B2C-E8FD-4756-ADEA-1436E9F8A74E}_is1) (Version: 1.0 - My Company, Inc.)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2016 (HKLM\...\Office16.PROOFKIT) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Project Professional 2016 (HKLM\...\Office16.PRJPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visio Professional 2016 (HKLM\...\Office16.VISPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.14 - MSI)
Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (HKLM\...\{90160000-001F-0415-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nero 2015 (HKLM-x32\...\{763EF8DC-4CC0-47CA-BE1C-BDE731462250}) (Version: 16.0.02900 - Nero AG)
Nero 2015 Content Pack (HKLM-x32\...\{55192BC6-EDBA-4F48-A2C4-3D164E41AF55}) (Version: 16.0.00300 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG)
NewBlue Paint Effects for Windows (HKLM-x32\...\NewBlue Paint Effects for Windows) (Version: 3.0 - NewBlue)
NewBlue Titler Pro for Windows (HKLM-x32\...\NewBlue Titler Pro for Windows) (Version: 1.5 - NewBlue)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials V for Windows (HKLM-x32\...\NewBlue Video Essentials V for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials VI for Windows (HKLM-x32\...\NewBlue Video Essentials VI for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials VII for Windows (HKLM-x32\...\NewBlue Video Essentials VII for Windows) (Version: 3.0 - NewBlue)
NVIDIA Ovladač 3D Vision 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Online Application (HKLM-x32\...\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}) (Version: 2.7.0 - Microleaves) Hidden <==== ATTENTION
Orodja za preverjanje za Microsoft Office 2016 – angleščina (HKLM\...\{90160000-001F-0424-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 382.05 - NVIDIA Corporation) Hidden
P2PEnhance 1.0 (HKLM-x32\...\P2PEnhance) (Version: 1.0 - P2P Enhance)
PatchCleaner (HKLM-x32\...\{18DA8D88-5BCD-4B26-B712-F00EF2CB8AF7}) (Version: 1.2.0 - HomeDev)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.)
PQwick (HKLM-x32\...\PQwick) (Version: 1.1 - PQwick)
Prerequisite installer (HKLM-x32\...\{799AFA36-4EA5-4323-8689-74C06645A26B}) (Version: 16.0.0000 - Nero AG) Hidden
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.114.1 - proDAD GmbH)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.9.422.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7960 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Skype HoloLens Add-In (HKLM-x32\...\{38A3693F-1954-450F-8E42-C0E6F9C1AE94}) (Version: 1.0.0.0 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
SmartSound Quicktracks 5 (HKLM-x32\...\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
Spotify (HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\Spotify) (Version: 1.0.67.582.g19436fa3 - Spotify AB)
Strumenti di correzione di Microsoft Office 2016 - Italiano (HKLM\...\{90160000-001F-0410-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
SyncFileSetup (x86) (HKLM-x32\...\{04848A0A-02B1-4703-B15D-6E7DCF95FB84}) (Version: 1.3.5949.26210 - Western Digital Technologies, Inc) Hidden
System Healer (HKLM-x32\...\SystemHealer_is1) (Version: 4.4.0.3 - SystemHealer) <==== ATTENTION
Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Uirlisí Profála Microsoft Office 2016 - Gaeilge (HKLM\...\{90160000-001F-083C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ulead PhotoImpact 12 (HKLM-x32\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
Ulož.to FileManager verze 2.20 (HKLM-x32\...\{7DE5EA5D-C933-4549-9A44-5BC671F23BBF}_is1) (Version: 2.20 - Uloz.to cloud a.s.)
Veglat e kontrollit gjuhësor të Microsoft Office 2016 - shqip (HKLM\...\{90160000-001F-041C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WD Access (HKLM-x32\...\{046643f7-6206-46bb-8968-92c37fee39e0}) (Version: 1.4.5949.29996 - Western Digital Technologies, Inc.)
WD Access (HKLM-x32\...\{C0624809-D60D-4AFF-8AF3-9452125AF4C1}) (Version: 1.4.5949.29996 - Western Digital Technologies, Inc) Hidden
WD Quick View (HKLM-x32\...\{3B52068A-5359-462F-ABBC-72AEF0B31D6F}) (Version: 2.4.20.48 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{57B8AF2A-05C0-4974-BD89-49F7534F8C2D}) (Version: 2.4.20.48 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{1495b866-ed65-4968-8bf2-903313e0ac39}) (Version: 2.4.20.48 - Western Digital Technologies, Inc.)
WD Sync (HKLM-x32\...\{0d591303-bbc5-4645-a03b-1c3f75f1a762}) (Version: 1.3.5949.26210 - Western Digital Technologies, Inc.)
WhatsApp (HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\WhatsApp) (Version: 0.2.6426 - WhatsApp)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wondershare Filmora(Build 8.0.0) (HKLM\...\Wondershare Filmora_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
Wondershare TunesGo ( Version 9.5.2 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 9.5.2 - Wondershare)
YoutubeAdBlock (HKLM-x32\...\E3605470-291B-44EB-8648-745EE356599A) (Version: 2.0.0.381 - Company Inc.) <==== ATTENTION
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)
Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2016 - Ελληνικά (HKLM\...\{90160000-001F-0408-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Засоби перевірки правопису Microsoft Office 2016 – українська (HKLM\...\{90160000-001F-0422-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2016 — русский (HKLM\...\{90160000-001F-0419-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
כלי ההגהה של Microsoft Office 2016 - עברית (HKLM\...\{90160000-001F-040D-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ابزارهای تصحیح Microsoft Office 2016 - فارسی (HKLM\...\{90160000-001F-0429-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-11] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-11] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-11] (AVAST Software)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-10-19] (Apple Inc.)
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2017-06-11] (Western Digital Technologies, Inc.)
ContextMenuHandlers1: [WDSyncContextMenuHandler] -> {5A51BDCB-F8C2-4698-B79C-A77DF0AA466B} => C:\Windows\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2017-06-11] (Western Digital Technologies, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-11] (AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-11] (AVAST Software)
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2017-06-11] (Western Digital Technologies, Inc.)
ContextMenuHandlers6: [WDSyncContextMenuHandler] -> {5A51BDCB-F8C2-4698-B79C-A77DF0AA466B} => C:\Windows\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {090234F2-0931-4C13-83F6-6F6F1B134B07} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {10855720-0E42-4359-9CFA-3C33B68C16C8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {109395E3-B860-44AD-8B77-BAF2E4277D08} - System32\Tasks\PjDfytumxbayONn => rundll32 "C:\Program Files (x86)\kqEuPYMaU\ukIowE.dll",#1
Task: {164A674F-4CBD-46D2-95C6-B7837875631A} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-11-11] (AVAST Software)
Task: {2308248A-4C21-4FF7-84B4-14949307D168} - System32\Tasks\zjwPaeaadZaNwF => rundll32 "C:\Program Files (x86)\JIdcnntTvnKU2\BuPkeIbolwAEg.dll",#1
Task: {273EFE91-4069-4C83-9589-61345838E8FB} - System32\Tasks\PC SpeedUp Service Deactivator => C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe <==== ATTENTION
Task: {2B0A4A71-A390-4B13-9F9A-673D929CF4A0} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG)
Task: {2E62F7B4-BF2D-45E4-BD0F-3A8158591F51} - System32\Tasks\PjDfytumxbayONn2 => rundll32 "C:\Program Files (x86)\kqEuPYMaU\ukIowE.dll",#1
Task: {2EFE337E-9C03-4F86-BF37-08FF8EC3B011} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-10-11] (Microsoft Corporation)
Task: {2F38C524-8BD5-4F41-ABDA-CE5C05296C10} - System32\Tasks\Online Application V2G2 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== ATTENTION
Task: {2FE36E93-BC5F-4F34-A6FB-E39C3F1A7BE7} - System32\Tasks\SafeZone scheduled Autoupdate 1461500097 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {3532E707-0A44-4F5F-B465-143CEF77A072} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd)
Task: {37476883-CDB0-49BB-A3E8-08194396DCB2} - System32\Tasks\Online Application V2G3 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== ATTENTION
Task: {417279FB-1A9C-4D5D-B278-6135E730C226} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {5A8312A3-FD2E-408D-8020-473E420E6F14} - System32\Tasks\avast! Windows 10 Start Menu helper => c:\program files\avast software\avast\asww10mon.exe
Task: {678FF561-F947-435F-9B3A-D579A9530B95} - \{0E040547-0A08-0879-7A11-7E7E0C0E1178} -> No File <==== ATTENTION
Task: {6B91B182-D491-4AED-AE48-E6467E2C1E7E} - System32\Tasks\Online Application V2G6 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== ATTENTION
Task: {6C8A924B-5647-471C-B24F-BED3CE0C4108} - System32\Tasks\Online Application V2G1 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== ATTENTION
Task: {6C979C02-1AD6-49D7-8362-3466D6FE91D3} - System32\Tasks\Online Application V2G4 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== ATTENTION
Task: {6F394665-1699-43D8-A02C-CB4DA4010B9A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-26] (Google Inc.)
Task: {73C4E648-41F5-4F2E-B23E-5336F6D9C8D0} - \LaCieS -> No File <==== ATTENTION
Task: {88047D55-96CC-4FE7-8DE0-18B966BE655E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {93CC22F2-7589-4A1A-A975-FBCB60FC72D7} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-30] (Adobe Systems Incorporated)
Task: {97A6A73D-9943-451E-B384-CE8E65532998} - System32\Tasks\Online Application V2G5 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== ATTENTION
Task: {9F91F4C0-E935-4084-A4D5-3F2B189F9079} - System32\Tasks\S-1-5-21-2976775506-2560316150-966240833-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-03-18] (Microsoft Corporation)
Task: {9FF15C9C-44B4-4DDA-B0CC-853A63F14A52} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_183_pepper.exe [2017-10-30] (Adobe Systems Incorporated)
Task: {A8D4BF6B-2E9D-4BBA-9C47-3DB8FC0EFD74} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {B24E3985-5073-441B-9959-CC0A0FBE21D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {BB1E5CDE-EF31-44FC-8195-0C01663D0564} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2016-01-26] ()
Task: {D0C60709-D6C8-48D6-9C05-F0631E7FF8C1} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {D2CD73A1-EDF7-4AB6-9D64-85686EAC586B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {DF5B84CE-BD68-4DA9-A124-23F12B00049C} - System32\Tasks\Updater_Online_Application => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe [2017-11-02] (Microleaves) <==== ATTENTION
Task: {E48A5885-A686-4C68-90E0-A43CBD0660A1} - System32\Tasks\{FFDDB183-9748-ECE9-037F-2334DDAABD36} => C:\Program Files (x86)\FastDataX\fastdatax.exe [2017-11-10] ()
Task: {FDD9FD34-E6EC-49C5-8E10-706707B481D3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-26] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Online Application V2G1.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G2.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G3.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G4.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G5.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G6.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\PC SpeedUp Service Deactivator.job => C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\PjDfytumxbayONn.job => C:\Program Files (x86)\kqEuPYMaU\ukIowE.dll
Task: C:\WINDOWS\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== ATTENTION

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\micha\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://mmotraffic.com/catalog/goplay/1000932/MTE3NjYvLy8xMDAwOTMy?click_id=yEyEzz0AyD0ByD0F0C0Azy0E0ByE0DyE2RtBtDtCyCtDtCtByCtBtDyEzytDyDtCzzzy

==================== Loaded Modules (Whitelisted) ==============

2016-01-26 18:28 - 2013-04-15 11:50 - 000198144 _____ () C:\WINDOWS\System32\HP1006LM.DLL
2016-09-29 19:43 - 2013-04-15 11:50 - 000065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1006PP.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-04 09:50 - 2015-09-04 09:50 - 000053248 _____ () C:\Program Files (x86)\P2PEnhance\P2PEnhance.exe
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 21:59 - 2017-03-20 05:45 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-11-07 18:23 - 2017-11-07 18:23 - 000087552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.480.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-11-07 18:23 - 2017-11-07 18:23 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.480.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-11-07 18:23 - 2017-11-07 18:23 - 025461760 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.480.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-11-07 18:23 - 2017-11-07 18:23 - 002552832 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.480.0_x64__kzf8qxf38zg5c\skypert.dll
2017-11-07 18:23 - 2017-11-07 18:23 - 000685056 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.480.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2017-09-27 17:57 - 2017-09-21 08:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll
2017-09-27 17:57 - 2017-09-21 08:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll
2017-11-02 11:51 - 2017-11-02 11:51 - 000199864 _____ () C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
2015-09-04 09:51 - 2015-09-04 09:51 - 000009728 _____ () C:\Program Files (x86)\P2PEnhance\boost_system-vc71-mt-1_48.dll
2015-09-04 09:50 - 2015-09-04 09:50 - 000053248 _____ () C:\Program Files (x86)\P2PEnhance\boost_thread-vc71-mt-1_48.dll
2015-08-16 16:27 - 2015-08-16 16:27 - 000965120 _____ () C:\ProgramData\QuteClient\qplugins.dll
2017-06-29 17:03 - 2005-07-18 12:43 - 000160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2016-01-26 15:52 - 2016-06-15 02:14 - 000020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-11-11 13:06 - 2017-11-11 13:06 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-11-11 13:06 - 2017-11-11 13:06 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-07-10 16:25 - 2017-07-10 16:25 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-11-11 13:06 - 2017-11-11 13:06 - 000237808 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-11-11 13:06 - 2017-11-11 13:06 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-11-11 13:06 - 2017-11-11 13:06 - 000235816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-10-18 23:52 - 2017-10-18 23:52 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-09-01 17:13 - 2016-09-01 17:13 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-08 08:27 - 2013-10-03 12:53 - 000632832 _____ () C:\Program Files (x86)\Spotydl\tag.dll
2017-05-08 08:27 - 2013-10-03 12:53 - 000986112 _____ () C:\Program Files (x86)\Spotydl\libxml2.dll
2017-05-08 08:27 - 2013-10-03 12:53 - 000637440 _____ () C:\Program Files (x86)\Spotydl\QxtWidgets.dll
2017-05-08 08:27 - 2013-10-03 12:53 - 000107520 _____ () C:\Program Files (x86)\Spotydl\zlib1.dll
2017-05-08 08:27 - 2013-10-03 12:53 - 000408064 _____ () C:\Program Files (x86)\Spotydl\QxtCore.dll
2017-05-08 08:27 - 2013-10-03 12:53 - 000048128 _____ () C:\Program Files (x86)\Spotydl\libEGL.dll
2017-05-08 08:27 - 2013-10-03 12:53 - 000728576 _____ () C:\Program Files (x86)\Spotydl\libGLESv2.dll
2017-05-08 08:27 - 2013-10-03 12:53 - 000833024 _____ () C:\Program Files (x86)\Spotydl\platforms\qwindows.dll
2017-05-08 08:27 - 2013-10-03 12:53 - 000164864 _____ () C:\Program Files (x86)\Spotydl\mediaservice\wmfengine.dll
2017-05-08 08:27 - 2013-10-03 12:53 - 000022016 _____ () C:\Program Files (x86)\Spotydl\imageformats\qgif.dll
2017-05-08 08:27 - 2013-10-03 12:53 - 000021504 _____ () C:\Program Files (x86)\Spotydl\imageformats\qico.dll
2017-05-08 08:27 - 2013-10-03 12:53 - 000205312 _____ () C:\Program Files (x86)\Spotydl\imageformats\qjpeg.dll
2017-05-08 08:27 - 2013-10-03 12:53 - 000218624 _____ () C:\Program Files (x86)\Spotydl\imageformats\qmng.dll
2017-05-08 08:27 - 2013-10-03 12:53 - 000016384 _____ () C:\Program Files (x86)\Spotydl\imageformats\qsvg.dll
2017-05-08 08:27 - 2013-10-03 12:53 - 000015872 _____ () C:\Program Files (x86)\Spotydl\imageformats\qtga.dll
2017-05-08 08:27 - 2013-10-03 12:53 - 000275456 _____ () C:\Program Files (x86)\Spotydl\imageformats\qtiff.dll
2017-05-08 08:27 - 2013-10-03 12:53 - 000015360 _____ () C:\Program Files (x86)\Spotydl\imageformats\qwbmp.dll
2017-05-08 08:27 - 2013-10-03 12:53 - 000036352 _____ () C:\Program Files (x86)\Spotydl\bearer\qgenericbearer.dll
2017-05-08 08:27 - 2013-10-03 12:53 - 000039424 _____ () C:\Program Files (x86)\Spotydl\bearer\qnativewifibearer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2017-04-11 16:52 - 000000992 ____R C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 cap.cyberlink.com
127.0.0.1 cap.cyberlink.com
127.0.0.1 cap.cyberlink.com
127.0.0.1 cap.cyberlink.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2976775506-2560316150-966240833-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\micha\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{203ec901-3a57-4936-9aa8-1a29d16f6328}.JPG
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "PowerDVD15Agent"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "Onboard"
HKLM\...\StartupApproved\Run32: => "WDAppManager"
HKLM\...\StartupApproved\Run32: => "WD Quick View"
HKLM\...\StartupApproved\Run32: => "Aimersoft Helper Compact.exe"
HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0346DA5D-1C10-4A0C-A8FB-96AC176D4D6A}] => (Allow) C:\Program Files\CyberLink\PowerDirector15\PDR10.EXE
FirewallRules: [{F62703C8-3FD1-4CC5-8F7A-40DB1F05E9F3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{288C31C0-CA68-4AF7-BFD2-4BB28DF1A2B8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6777A53A-82BB-4C6A-BB35-FCD687D52764}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{730F9F0D-39D4-42CE-B6D0-41F723A7DF6A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{13C6D957-2517-4E02-94DF-DC31A016666B}C:\users\micha\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\micha\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{968C146C-6038-44A8-927C-F13D7EA6E766}C:\users\micha\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\micha\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{E1F285F7-ACFA-466C-96E1-0A9716A847C7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{3A01DF4A-3DA0-49E4-8811-6ACEDC9B8BDC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVDMovie.exe
FirewallRules: [{4CA9CEA4-D859-4ADB-AA64-80499BD7F241}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe
FirewallRules: [{3687BF90-B769-4364-8A83-60430350985B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\CLMSServerPDVD15.exe
FirewallRules: [{4F74C3CC-F5A5-4D86-BAE3-4C643C4FA767}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD.exe
FirewallRules: [{F0F8E001-2391-45DB-A039-7D735D61D46E}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{A54A8732-95D6-41A7-9C14-C3AD8B72DFA9}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{2F90203F-8219-4BA4-AD93-73EF818D8B3A}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{28DEBD6E-538B-453C-949D-4DF21BB5275A}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{46D5FE7E-D27A-45E3-A6F8-47FD84626553}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E9B57F4C-5A10-49A5-8674-938C9DE8FF00}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7A5FA4B0-542F-427A-A97E-3E9114D0D542}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0A4EA85D-6D8A-4E7D-935B-A0059EE00435}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{AC4970F6-82B8-49DE-A31E-5918278A959C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F49C0482-C906-4173-83DA-1350FF410A10}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{10E6FAA5-BDC8-4ED5-BCBE-0475B2D346BF}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{F015082F-4275-4084-A5D7-2ABA8B422B61}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{7AD15FBF-EB98-4A79-9DC6-8FB01D1120FB}] => (Allow) C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\StartNBR.exe
FirewallRules: [{58F2CD54-AEF6-41A9-A83E-F51E23370FCB}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{17A514AB-5100-4677-A416-8A9F4D6D6DE2}] => (Allow) C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\nero.exe
FirewallRules: [{20B120B9-4761-49F1-A29E-41327C3BEB21}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [{F5DA45D7-B31A-47B2-9D18-6A4BF6481185}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{6EEBBE20-A5B9-4FE0-92F2-C50336B67238}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [{490CE465-B5F8-4B37-8C09-F874909673F5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CB1061A0-F04E-4286-ADB3-CB6F8A84AA6D}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{A6BBFD70-A4A5-4645-B70E-CE7221E644F3}] => (Allow) C:\Program Files (x86)\P2PEnhance\p2penhance.exe
FirewallRules: [{62CF2E81-F924-4989-8F89-A3C53D8BA832}] => (Allow) C:\Program Files (x86)\P2PEnhance\p2penhance.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/11/2017 01:21:48 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro c:\program files\cyberlink\photodirector8\kernel\ces\CES_CacheAgent.exe.Manifest se nezdařilo.
Závislé sestavení PDR.X,type="win32",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/11/2017 01:21:48 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro c:\program files\cyberlink\photodirector8\kernel\ces\CES_AudioCacheAgent.exe.Manifest se nezdařilo.
Závislé sestavení PDR.X,type="win32",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/11/2017 01:15:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: winhost.exe, verze: 0.0.0.0, časové razítko: 0x5a05e24a
Název chybujícího modulu: ntdll.dll, verze: 10.0.15063.608, časové razítko: 0x802f667e
Kód výjimky: 0xc0000374
Posun chyby: 0x000d9aba
ID chybujícího procesu: 0x2d00
Čas spuštění chybující aplikace: 0x01d35ae6c817bd41
Cesta k chybující aplikaci: C:\Program Files (x86)\CompanyKooxa\kpoxaeban\winhost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 3cf1d933-ef7d-423b-9748-5e932674f9e2
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (11/11/2017 01:14:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ic-0.ae3b743e4735.exe, verze: 1.0.0.1, časové razítko: 0x5a06e739
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc00001a5
Posun chyby: 0x02890e2a
ID chybujícího procesu: 0x2cbc
Čas spuštění chybující aplikace: 0x01d35ae692ec6eba
Cesta k chybující aplikaci: C:\Users\micha\AppData\Local\Temp\347265\ic-0.ae3b743e4735.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 4eefe92c-51b6-465e-a9c2-a3eed6e683ff
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (11/11/2017 01:13:57 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro c:\program files\cyberlink\photodirector8\kernel\ces\CES_CacheAgent.exe.Manifest se nezdařilo.
Závislé sestavení PDR.X,type="win32",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/11/2017 01:13:57 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro c:\program files\cyberlink\photodirector8\kernel\ces\CES_AudioCacheAgent.exe.Manifest se nezdařilo.
Závislé sestavení PDR.X,type="win32",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/11/2017 01:12:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IEXPLORE.EXE, verze: 11.0.15063.608, časové razítko: 0x324c3bf4
Název chybujícího modulu: ntdll.dll, verze: 10.0.15063.608, časové razítko: 0x802f667e
Kód výjimky: 0xc0000005
Posun chyby: 0x0004b2e3
ID chybujícího procesu: 0x2e20
Čas spuštění chybující aplikace: 0x01d35ae66277b7a6
Cesta k chybující aplikaci: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: c554488a-f638-48c1-bb26-dcc8088e92ac
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (11/11/2017 01:12:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ic-0.1efd32e7fb535.exe, verze: 1.0.0.1, časové razítko: 0x5a06e739
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc00001a5
Posun chyby: 0x00620e2a
ID chybujícího procesu: 0x2e28
Čas spuštění chybující aplikace: 0x01d35ae662773906
Cesta k chybující aplikaci: C:\Users\micha\AppData\Local\Temp\161281\ic-0.1efd32e7fb535.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 3fdd70b6-21f0-4955-a09c-f9430ea816be
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (11/11/2017 01:08:06 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.

Error: (11/11/2017 01:08:06 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.


System errors:
=============
Error: (11/11/2017 01:24:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CldFlt neuspěla při spuštění v důsledku následující chyby: 
Požadavek není podporován.

Error: (11/11/2017 01:24:08 PM) (Source: volmgr) (EventID: 49) (User: )
Description: Konfigurace stránkovacího souboru pro výpis stavu systému se
nezdařila. Přesvědčte se, zda na spouštěcím oddílu disku je stránkovací soubor
a zda je na něm dostatek místa pro uložení obsahu celé fyzické paměti.

Error: (11/11/2017 01:08:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CldFlt neuspěla při spuštění v důsledku následující chyby: 
Požadavek není podporován.

Error: (11/11/2017 01:07:25 PM) (Source: DCOM) (EventID: 10010) (User: MISA_WIN10)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/11/2017 01:07:24 PM) (Source: DCOM) (EventID: 10010) (User: MISA_WIN10)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/11/2017 12:39:11 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/09/2017 09:48:11 PM) (Source: DCOM) (EventID: 10010) (User: MISA_WIN10)
Description: Server Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX6jbm6fjqte5wzzrf5807m7eq0z44q5gf.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/07/2017 07:59:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/07/2017 07:58:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MSI Live Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/05/2017 09:13:41 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x0000003b (0x00000000c0000005, 0xfffff801ad072df0, 0xffffca81c1d17160, 0x0000000000000000). Výpis byl uložen do: C:\WINDOWS\MEMORY.DMP. ID hlášení: afbe9b8e-1549-4796-9147-780e9f5b9aaf


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 34%
Total physical RAM: 8120.02 MB
Available physical RAM: 5328.67 MB
Total Virtual: 16824.02 MB
Available Virtual: 13835.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.35 GB) (Free:18.84 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (ZALOHA) (Fixed) (Total:931.51 GB) (Free:229.97 GB) NTFS
Drive e: (DATA) (Fixed) (Total:931.51 GB) (Free:101.68 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: A380F967)
Partition 1: (Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 15B65200)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 15B65201)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================