﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
Ran by Michal (23-05-2018 06:39:16)
Running from C:\Users\Michal\Desktop
Windows 10 Pro Version 1803 17134.48 (X64) (2018-05-15 04:43:05)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3269880313-949154138-3416270394-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3269880313-949154138-3416270394-503 - Limited - Disabled)
Guest (S-1-5-21-3269880313-949154138-3416270394-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3269880313-949154138-3416270394-1002 - Limited - Enabled)
Michal (S-1-5-21-3269880313-949154138-3416270394-1000 - Administrator - Enabled) => C:\Users\Michal
WDAGUtilityAccount (S-1-5-21-3269880313-949154138-3416270394-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Antivirus 6.2.2033.1 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3269880313-949154138-3416270394-1000\...\uTorrent) (Version: 3.4.6.42094 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{0EBC740B-4363-489B-8C27-98CE0740BA19}) (Version: 18.2.4 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.00.90.58241 - ABBYY) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.90.58241 - ABBYY)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe Audition CC 2015 (HKLM-x32\...\{839A3566-AED6-4787-A849-5CBE2B1DC6AE}) (Version: 8.0 - Adobe Systems Incorporated)
AmazingMIDI (HKLM-x32\...\AmazingMIDI) (Version:  - )
ANeT (HKLM\...\ANeT 10_is1) (Version:  - ANeT-Advanced Network Technology)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{8c595286-0f9e-42de-a0d4-969aba282637}) (Version: 20.50.0 - Intel Corporation)
Apple Mobile Device Support (HKLM\...\{9E005AAA-81A3-478E-8944-532D350952EE}) (Version: 11.3.1.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Avid License Control (HKLM-x32\...\{F187D064-F101-4E95-8D05-4027809AA0F8}) (Version: 3.0.0 - Avid Technology, Inc.)
Balíček ovladače systému Windows - Apple Inc. Apple Wireless Mouse (06/01/2011 4.0.0.1) (HKLM\...\D088EE4BD2819FBA2B349EF9D55176F223419BE6) (Version: 06/01/2011 4.0.0.1 - Apple Inc.)
Balíček ovladače systému Windows - RME Fireface (07/19/2017 3.1.23.0) (HKLM\...\5915A5862513DDE5D707543EDB46ED5C3489A0DD) (Version: 07/19/2017 3.1.23.0 - RME)
Balíček ovladače systému Windows - RME Fireface USB (12/18/2014 1.0.68.0) (HKLM\...\254EFDFA6C98FC2D10EFD755C11A67AE65A411A1) (Version: 12/18/2014 1.0.68.0 - RME)
Balíček ovladače systému Windows - RME HDSP Series (12/17/2014 4.0.5.0) (HKLM\...\715012E71FF31C33BDD093845B2B29CB0C5D485E) (Version: 12/17/2014 4.0.5.0 - RME)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Camera Control Pro 2 (HKLM-x32\...\{FE96C49B-DB90-405E-A00E-09E38372F880}) (Version: 2.4.0 - Nikon)
CamStudio 2.7 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.8.1.70 - Dell Inc.)
Dell Command | Power Manager (HKLM\...\{DDDAF4A7-8B7D-4088-AECC-6F50E594B4F5}) (Version: 2.1.0 - Dell Inc.)
Dell Command | Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.1.0 - Dell Inc.)
Dell ControlVault Host Components Installer 64 bit (HKLM\...\{30F302E6-9D30-404D-B784-533918C58BCA}) (Version: 3.0.40.191 - Broadcom Corporation)
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.)
Dell Protected Workspace (HKLM-x32\...\{E2CAA395-66B3-4772-85E3-6134DBAB244E}) (Version: 4.0.18189 - Invincea, Inc.)
Dell SupportAssist (HKLM\...\{122666A9-2995-4E47-A75E-6423A827B7AF}) (Version: 2.2.0.253 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.2207.101.108 - ALPS ELECTRIC CO., LTD.)
Dell Update (HKLM-x32\...\{D8AE5F9D-647C-49B4-A666-1C20B44EC0E1}) (Version: 2.1.3.0 - Dell Inc.)
Document Express DjVu Plug-in (HKLM\...\{3677A6FF-9C6F-48B7-B0DC-E958C2FE4FFF}) (Version: 6.1.35472 - Cuminas Corporation)
EDIROL UA-1000 Driver (HKLM\...\RolandRDID0034) (Version:  - Roland Corporation)
ESET Endpoint Antivirus (HKLM\...\{3F2F7E08-192B-4F74-A540-E61BB8CD2A1E}) (Version: 6.2.2033.1 - ESET, spol. s r.o.)
ESET Remote Administrator Agent (HKLM\...\{A9A90B1E-2316-45EC-98A9-4173D159A171}) (Version: 6.2.190.0 - ESET, spol. s r.o.)
FCleaner 1.3.1.621 (HKLM-x32\...\FCleaner_is1) (Version:  - FTweak, Inc.)
FortiClient SSLVPN v4.0.2270 (HKLM-x32\...\{A34DCE59-0004-0000-2270-3F8A9926B752}) (Version: 4.0.2270 - Fortinet Inc.)
FractMus 2000 version 3.01 (HKLM-x32\...\{9EC271FE-7E55-4920-A68C-5389EFD14318}_is1) (Version: 3.01 - Gustavo Díaz-Jerez)
Gmail Backup (HKLM-x32\...\gmailbackup) (Version:  - )
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.1.37.5085 - Gretech Corporation)
GoodSync (HKLM\...\{B26B00DA-2E5D-4CF2-83C5-911198C0F009}) (Version: 8.8.4.4 - Siber Systems)
Google Drive File Stream (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 25.252.289.1553 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.181 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
HighC 2.866 (HKLM-x32\...\HighC_is1) (Version:  - Thomas Baudel)
iBackupBot 5.4.2 (HKLM-x32\...\iBackupBot) (Version: 5.4.2 - VOWSoft, Ltd.)
iCloud (HKLM\...\{5BD11939-D2C2-4F1B-AAAF-5ECE19A801F7}) (Version: 7.4.0.111 - Apple Inc.)
iFunbox (v3.0.3109.1352) (HKLM-x32\...\iFunbox_is1) (Version: v3.0.3109.1352 - iFunbox DevTeam)
IL Minihost Modular (HKLM-x32\...\IL Minihost Modular) (Version:  - Image-Line)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.10900.330 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1035 - Intel Corporation)
Intel(R) Network Connections 19.5.300.2 (HKLM\...\PROSetDX) (Version: 19.5.300.2 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.12.1059 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.2.54 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{32E851D9-FA8D-4F60-BED4-B0F613BF5E20}) (Version: 5.1.18.0 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{d370215a-d003-43ae-a3b6-1028af64d5a1}) (Version: 10.0.20 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{C2039790-AFFD-4761-896D-E97CDBC935F1}) (Version: 12.7.4.80 - Apple Inc.)
Lenovo Mouse Suite (HKLM\...\MouseSuite98) (Version: 6.80 - Lenovo)
loopMIDI (HKLM-x32\...\{55c0d955-4cee-452c-b393-d4c020a967d7}) (Version: 1.0.13.24 - Tobias Erichsen)
loopMIDI (HKLM-x32\...\{9E69C6CD-820A-44A9-9A0A-B7A56AD62A1E}) (Version: 1.0.13.24 - Tobias Erichsen) Hidden
loopMIDIBlockLegacy (HKLM-x32\...\{AEAF7978-3204-451D-8593-BC53EBDDA31D}) (Version: 9.9.9.9 - Tobias Erichsen) Hidden
Max 5.1.6 (HKLM\...\{4388C87D-A0F9-4B0E-96A4-AC3127022C88}) (Version: 135.1.6 - Cycling '74)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.8006.3 - Waves Audio Ltd.) Hidden
MediaCoder 0.8.49.5890 (HKLM-x32\...\MediaCoder) (Version: 0.8.49.5890 - Mediatronic)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Office Standard 2016 (HKLM-x32\...\Office16.STANDARD) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3269880313-949154138-3416270394-1000\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{57505B29-9D1D-45A3-9C15-D73447D7347D}) (Version: 9.00.4211.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
MIDI Control Center 1.1.0 (HKLM-x32\...\MIDI Control Center_is1) (Version: 1.1.0 - Arturia)
minimoog-v Original 2.5.3 (HKLM-x32\...\minimoogv2_5_is1) (Version: 2.5.3 - Arturia)
MPEG2 Codec(libmpeg2/mad) (HKLM-x32\...\MPEG2 Codec(libmpeg2/mad)) (Version:  - )
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM-x32\...\{90160000-001F-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM-x32\...\{90160000-001F-041B-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Native Instruments Absynth 5 (HKLM-x32\...\Native Instruments Absynth 5) (Version:  - Native Instruments)
Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version:  - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Neuratron PhotoScore Ultimate Demo (HKLM-x32\...\Neuratron PhotoScore Ultimate Demo) (Version: 7.0.2 - Neuratron Ltd)
Nikon Message Center (HKLM-x32\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon)
OpenMG Limited Patch 4.7-07-14-05-01 (HKLM-x32\...\OpenMG HotFix4.7-07-13-22-01) (Version:  - )
OpenMG Secure Module 4.7.00 (HKLM-x32\...\{CCD663AE-610D-4BDF-AAB0-E914B044527D}) (Version: 4.7.00.12140 - Sony Corporation) Hidden
OpenVPN 2.3.9-I001  (HKLM\...\OpenVPN) (Version: 2.3.9-I001 - )
ownCloud (HKLM-x32\...\ownCloud) (Version: 2.0.2.5569 - ownCloud)
Pd-0.38.4-extended-RC8 (HKLM-x32\...\pd_is1) (Version:  - pure-data.org)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.51.17865 - pdfforge GmbH)
PDF Architect 2 Create Module (HKLM-x32\...\{3D0D9604-0173-488D-9694-2638C44D7579}) (Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 Edit Module (HKLM-x32\...\{8B0A956F-9BE6-495B-AF80-7B5B42061D79}) (Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 View Module (HKLM-x32\...\{D691E998-CF53-4F6C-AC20-E4284660E0E7}) (Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.2 - pdfforge)
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Plustek OpticBook A300 (HKLM-x32\...\{0BC491EE-ED17-4091-BB26-4B4EA478B96A}) (Version: 5.1.0 - Plustek Inc.)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}) (Version: 6.4 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.)
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6105 - Realtek Semiconductor Corp.)
Renoise 3.1.0 (x64) (HKLM\...\Renoise (x64)_is1) (Version: 3.1.0 - Renoise)
RME Fireface USB (HKLM\...\FIREFACE_USB) (Version: 1.0.68.0 - RME Intelligent Audio Solutions)
Roblox Player for Michal (HKU\S-1-5-21-3269880313-949154138-3416270394-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - Roblox Corporation)
rtpMIDIBlockLegacy (HKLM-x32\...\{FD937297-84C3-41A5-B5DF-1FAEEE669D68}) (Version: 9.9.9.9 - Tobias Erichsen) Hidden
Scan Tailor (HKLM-x32\...\Scan Tailor) (Version:  - )
Sibelius 7 OpenType Fonts (HKLM-x32\...\{623C2BD8-1B28-4F98-B578-E9D139827269}) (Version: 7.1.3 - Avid)
Sibelius 7.1.3.77 (HKLM\...\Sibelius 7.0.0.23_is1) (Version: 7.1.3.77 - Avid)
SketchUp 2016 (HKLM\...\{D87EE6DC-32BA-4219-AC75-0A6FD54ED058}) (Version: 16.0.19912 - Trimble Navigation Limited)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
SonicStage 4.3 (HKLM-x32\...\{A0EB195B-5876-48E6-879D-33D4B2102610}) (Version: 4.3 - Sony Corporation)
SoundGrain version 5.0.1 (HKLM-x32\...\{40AF40BB-C73D-46DF-A2F9-A19CCDEEF1DD}_is1) (Version: 5.0.1 - iACT.umontreal.ca)
SPEAR v0.7.4 r.148 (HKLM-x32\...\{164F4A4D-9564-4C61-BD10-CA24B4CBBC66}_is1) (Version:  - Michael Klingbeil)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0055 - ST Microelectronics)
Sugar Bytes Obscurium 1.0.5 (HKLM\...\Obscurium_is1) (Version: 1.0.5 - Sugar Bytes)
Sytrus (HKLM-x32\...\Sytrus) (Version:  - Image-Line)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TES V Skyrim Legendary Edition (HKLM-x32\...\TES V Skyrim Legendary Edition1.9.32.0.8) (Version: 1.9.32.0.8 - Bethesda by Etnik23)
teVirtualMIDI64 (HKLM\...\{9084640A-366B-4C44-BDB1-74864B460B13}) (Version: 1.2.10.38 - Tobias Erichsen) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
Virtual MIDI Piano Keyboard (HKLM-x32\...\Virtual MIDI Piano Keyboard) (Version: 0.6.2 - VMPK)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VMware View Client (HKLM\...\{6248C52A-5236-4C07-9BD5-393C40A42316}) (Version: 5.2.1.937772 - VMware, Inc.)
WD SmartWare (HKLM\...\{07179D37-D5FE-4373-90D9-A25B992EFB3E}) (Version: 1.4.5.5 - Western Digital)
WIDI Recognition System Pro 4.03 (remove only) (HKLM-x32\...\WIDI Recognition System Pro 4.03) (Version:  - )
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Xfer Serum 1.07b3 (HKLM\...\Xfer Serum_is1) (Version:  - )
XML Copy Editor version 1.2.1.3 (HKLM\...\XML Copy Editor_is1) (Version: 1.2.1.3 - Zane U. Ji)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.1 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3269880313-949154138-3416270394-1000_Classes\CLSID\{7CB4D2F7-77AE-4A08-9BDF-21370FF8D6BD}\InprocServer32 -> C:\Program Files\Google\Drive File Stream\25.252.289.1553\drivefsext.dll (Google, Inc.)
CustomCLSID: HKU\S-1-5-21-3269880313-949154138-3416270394-1000_Classes\CLSID\{96836CC1-31EA-4F1C-A7F4-D67863D5D4FD}\InprocServer32 -> C:\Program Files\Google\Drive File Stream\25.252.289.1553\drivefsext.dll (Google, Inc.)
CustomCLSID: HKU\S-1-5-21-3269880313-949154138-3416270394-1000_Classes\CLSID\{994B47B9-7DB9-5058-EE22-08DD039ADC4B}\InprocServer32 -> {1F2F9DC4-9468-D082-920D-5EEE85889A47} => No File
CustomCLSID: HKU\S-1-5-21-3269880313-949154138-3416270394-1000_Classes\CLSID\{9EE0C242-8973-456D-B382-0752476703FD}\InprocServer32 -> C:\Program Files\Google\Drive File Stream\25.252.289.1553\drivefsext.dll (Google, Inc.)
CustomCLSID: HKU\S-1-5-21-3269880313-949154138-3416270394-1000_Classes\CLSID\{B53FB4A1-B6BB-4F9B-AAA8-8704FBC1BE25}\InprocServer32 -> C:\Program Files\Google\Drive File Stream\25.252.289.1553\drivefsext.dll (Google, Inc.)
CustomCLSID: HKU\S-1-5-21-3269880313-949154138-3416270394-1000_Classes\CLSID\{C9F7D7A1-D13F-4C72-9AB0-06FDC65AA931}\InprocServer32 -> C:\Program Files\Google\Drive File Stream\25.252.289.1553\drivefsext.dll (Google, Inc.)
CustomCLSID: HKU\S-1-5-21-3269880313-949154138-3416270394-1000_Classes\CLSID\{DD0822EE-9A03-4BDC-B947-4B99B97D5850}\InprocServer32 -> {5AF76058-9468-D082-0EF0-86AB85889A47} => No File
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {7CB4D2F7-77AE-4A08-9BDF-21370FF8D6BD} => C:\Program Files\Google\Drive File Stream\25.252.289.1553\drivefsext.dll [2018-05-16] (Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {C9F7D7A1-D13F-4C72-9AB0-06FDC65AA931} => C:\Program Files\Google\Drive File Stream\25.252.289.1553\drivefsext.dll [2018-05-16] (Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {96836CC1-31EA-4F1C-A7F4-D67863D5D4FD} => C:\Program Files\Google\Drive File Stream\25.252.289.1553\drivefsext.dll [2018-05-16] (Google, Inc.)
ShellIconOverlayIdentifiers: [  OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [DBRShellOverlayBackupFile] -> {831CEBDD-6BAF-4432-BE76-9E0989C14AEF} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconBackuped.dll [2014-12-30] (Softthinks SAS)
ShellIconOverlayIdentifiers: [DBRShellOverlayModifiedBackupFile] -> {275E4FD7-21EF-45CF-A836-832E5D2CC1B3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconNotBackuped.dll [2014-12-30] (Softthinks SAS)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov)
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2015-10-02] (ESET)
ContextMenuHandlers1-x32: [PDFManagerExt] -> {59E4A616-E484-44B5-95FB-7F430B35E8FE} => C:\Program Files (x86)\PDF Architect 2\creator-context-menu.dll [2014-10-10] (pdfforge GmbH)
ContextMenuHandlers1-x32: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-03-18] (Apple Inc.)
ContextMenuHandlers1-x32: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\VirtualCloneDrive\ElbyVCDShell1.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2015-10-02] (ESET)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\VirtualCloneDrive\ElbyVCDShell1.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [OCContextMenuHandler] -> {841A0AAD-AA11-4B50-84D9-7F8E727D77D7} => C:\Program Files (x86)\ownCloud\shellext\OCContextMenu_x64.dll [2015-06-19] (ownCloud Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-11-07] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2015-10-02] (ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3269880313-949154138-3416270394-1000: [DriveFS] -> {B53FB4A1-B6BB-4F9B-AAA8-8704FBC1BE25} => C:\Program Files\Google\Drive File Stream\25.252.289.1553\drivefsext.dll [2018-05-16] (Google, Inc.)
ContextMenuHandlers4_S-1-5-21-3269880313-949154138-3416270394-1000: [DriveFS] -> {B53FB4A1-B6BB-4F9B-AAA8-8704FBC1BE25} => C:\Program Files\Google\Drive File Stream\25.252.289.1553\drivefsext.dll [2018-05-16] (Google, Inc.)
ContextMenuHandlers5_S-1-5-21-3269880313-949154138-3416270394-1000: [DriveFS] -> {B53FB4A1-B6BB-4F9B-AAA8-8704FBC1BE25} => C:\Program Files\Google\Drive File Stream\25.252.289.1553\drivefsext.dll [2018-05-16] (Google, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {050B1872-E768-4B9D-8CA5-BDFCAEE69E95} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {060EE263-2846-4BF4-9ED7-423EB452770E} - System32\Tasks\S-1-5-21-3269880313-949154138-3416270394-1000\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-12] (Microsoft Corporation)
Task: {06204E47-30C7-4940-8975-3A49C434EC70} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {067A6B06-594F-4B0F-9CAF-E954A2FEDD7D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0A51A94F-F2BC-468F-93ED-A05845A1761F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {0F2C9B23-967D-4A2B-918D-0206BCA91F28} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0FB3D837-D42A-495D-B5B1-E75EB856676C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {1C8988BD-CB26-450C-91E5-1D755F0953B2} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {1E702B19-402A-441D-B711-7EE2EC948553} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {1EA0D7AF-847A-4C1B-A823-2652A43CD0F2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {208F8EFC-86F7-44A0-87EC-FA27A65A94EF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {270F7B5C-325F-4BA3-AE92-625C4C584C51} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-23] (Google Inc.)
Task: {2C8C06D7-5D30-48E6-B360-110FD1E883A6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {35665E54-688C-4800-B516-03FB9F30FB0B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-04-26] (Microsoft Corporation)
Task: {35EDA614-16E1-4B59-8521-3767F92D7714} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {361488E4-023B-4BF5-9B66-590DF3C3D08A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-05] (Adobe Systems Incorporated)
Task: {3758F713-D787-407D-87B3-CEC27B954C25} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {391FB129-F3C1-48BC-8C84-2FBE0884383F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3BAB23C1-0906-43FB-9B22-93AE00C9F3BC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {3E283D24-E2E6-43AE-983F-3C09140C2111} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {3E79CFB8-BF11-4C2C-9D3C-CF57D3E17F0F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {4157BA96-F063-4FE2-8E42-D200C2E381FF} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {474BE119-7312-4BFE-BAC2-EA8C6F60A06E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-04-26] (Microsoft Corporation)
Task: {4D82682C-769A-4047-A27F-00DE70E81C18} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {58607B0C-606A-4361-A02E-06C1B571F5A7} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {58D5CD58-9D5F-4358-868D-1AE1F5BF02AE} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5BB01022-81F9-4FDA-8498-201ADD356319} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5D472599-C303-42AF-BC59-8FCA9CC3CEEB} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {5F4EB3D4-3F61-4955-B1AE-67C179EA87AF} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {64DC79C1-B217-459E-9BB3-9B90FCF4DE89} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {778C62BD-D866-4042-ACEC-4C45D36C27C4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-23] (Google Inc.)
Task: {7F0EEB18-44DC-4C0B-BCE0-FA7132D9EEB1} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {802EF250-0D20-4864-8700-71431756D1E8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-04-26] (Microsoft Corporation)
Task: {89C22408-94B2-4C72-B1C8-63163FD9709E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {8D4CEABF-46DB-4166-A379-0518F6FFE462} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {90C30EE7-7DF5-44AD-B221-3B0ADF45928C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {946967B1-3970-4E61-9194-84CD3FCA2466} - System32\Tasks\{223152EB-AADE-4F98-A9E0-B3597D7E9504} => C:\WINDOWS\system32\pcalua.exe -a "I:\Plustek OpticBook A300\Start.exe" -d "I:\Plustek OpticBook A300"
Task: {9E82F3AD-7293-45DE-9554-90F0A5CF1C85} - System32\Tasks\{41ABB138-CDAE-4B39-AECF-4E3C0590ADAE} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\RdDrv001\RDID0034\Uninstal.exe" -d C:\Windows\ImmersiveControlPanel
Task: {A205FD19-986C-401A-A59B-7127C14A658C} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A7B40181-F1A6-4312-8141-B3625869E996} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AA5AF0A7-1CB6-4223-8D96-9D2B03913298} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AE11746D-64EF-47E8-AFAC-D9A054B5ADC5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {B135971C-0B87-4A58-B774-81E2479ABD4D} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-07-29] (Realtek Semiconductor)
Task: {B1A6DB90-743A-42F3-9BE8-1EE03005115D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {B3134DFC-5D5D-4947-BAB8-A9878E4136E0} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {B424F963-86C6-4E1E-A6F4-659FE755D578} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-04-26] (Microsoft Corporation)
Task: {B425F780-DAF4-494D-9B88-FA40FA5C5454} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B430D610-95B7-4F28-82F0-DAEB98773405} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B8EA87E3-D287-439C-A033-88DC9909828C} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {C40315D0-4058-441B-A64A-F2D5ABFF7634} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D0F21103-AF4B-4934-A29F-880F1B2091AB} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-02-24] (Intel(R) Corporation)
Task: {D7C2A336-C013-4DD5-A4E4-0F21288F98AF} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {DA9E225B-BB34-4864-B83B-AF6B76A5D47A} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [2018-05-11] (Dell Inc.)
Task: {DB8B264D-E44D-441D-AEB0-BC864C072953} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DF6F6162-A19B-40AE-8AC8-AE8A2B213054} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {E595AAD8-FFEC-488B-B729-FCDCF7CF779A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F761E894-5586-461F-A62E-DCCB4AB08933} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F7ABE724-8C8B-492B-B95A-4C62AD7953A6} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {FC36BBE4-EC34-43AB-BADE-B3535DD0575D} - \LuckyBrowse -> No File <==== ATTENTION
Task: {FE965159-1CA6-4CD6-A6A9-28A564A2FF6A} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI_ActiveScriptEventConsumer_DellCommandPowerManagerAlertEventConsumer: 
WMI_ActiveScriptEventConsumer_DellCommandPowerManagerPolicyChangeEventConsumer: 

ShortcutWithArgument: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list

==================== Loaded Modules (Whitelisted) ==============

2016-02-09 09:05 - 2006-11-30 17:41 - 000087040 _____ () C:\WINDOWS\System32\custmon64.dll
2016-01-04 10:06 - 2010-12-08 14:21 - 009073664 _____ () C:\WINDOWS\System32\SAFEQVS64.DLL
2016-01-04 10:06 - 2010-08-27 12:46 - 000602624 _____ () C:\WINDOWS\System32\SafeQCairoLib64.dll
2018-04-04 18:03 - 2018-04-04 18:03 - 000173760 _____ () C:\WINDOWS\system32\IntelWifiIhv04.dll
2018-01-05 01:14 - 2018-01-05 01:14 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-03-16 15:19 - 2018-03-16 15:19 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-01-03 15:36 - 2015-08-25 11:08 - 000187200 ____N () C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe
2017-12-11 11:28 - 2017-11-24 14:42 - 000359424 _____ () C:\Program Files (x86)\ANeT\10\Uniservis\uniservis.exe
2011-03-09 12:41 - 2011-03-09 12:41 - 001066896 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
2011-03-09 12:41 - 2011-03-09 12:41 - 000491920 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
2018-05-21 09:41 - 2018-05-21 09:41 - 002587976 _____ () C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1111\libprotobuf.dll
2017-11-07 19:07 - 2017-11-07 19:07 - 000401888 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-05-22 06:32 - 2018-05-16 09:08 - 003843832 _____ () C:\Program Files\Google\Drive File Stream\25.252.289.1553\drivefs_cc_icu_data_library_core.dll
2018-05-22 06:32 - 2018-05-16 09:08 - 002519800 _____ () C:\Program Files\Google\Drive File Stream\25.252.289.1553\drivefs_common_icuuc.dll
2018-05-22 06:32 - 2018-05-16 09:08 - 003299576 _____ () C:\Program Files\Google\Drive File Stream\25.252.289.1553\drivefs_icui18n.dll
2015-06-19 03:31 - 2015-06-19 03:31 - 000059392 _____ () C:\Program Files (x86)\ownCloud\shellext\OCUtil_x64.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2017-12-20 22:21 - 2017-12-20 22:21 - 000948736 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\e_sqlite3.dll
2018-04-13 08:56 - 2018-04-13 08:56 - 002426040 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-04-13 08:56 - 2018-04-13 08:56 - 000381440 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\Microsoft.Notes.Upgrade.dll
2017-12-01 10:09 - 2017-12-01 10:09 - 000843672 _____ () C:\Program Files\WindowsApps\Microsoft.Services.Store.Engagement_10.0.17112.0_x64__8wekyb3d8bbwe\Microsoft.Services.Store.Engagement.dll
2018-03-16 21:27 - 2018-03-16 21:28 - 000631296 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 004644864 _____ () C:\Windows\System32\Windows.UI.Input.Inking.Analysis.dll
2018-04-12 01:35 - 2018-04-12 17:53 - 002184704 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-04-08 08:04 - 2018-04-08 08:04 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-04-08 08:04 - 2018-04-08 08:04 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2015-10-21 10:36 - 2015-10-21 10:36 - 001704974 _____ () C:\Program Files (x86)\ownCloud\owncloud.exe
2018-05-22 06:32 - 2018-05-16 09:08 - 096082680 _____ () C:\Program Files\Google\Drive File Stream\25.252.289.1553\libcef.dll
2018-05-22 06:32 - 2018-05-16 09:08 - 001771768 _____ () C:\Program Files\Google\Drive File Stream\25.252.289.1553\crashpad_handler.exe
2018-05-22 06:32 - 2018-05-16 09:08 - 004152568 _____ () C:\Program Files\Google\Drive File Stream\25.252.289.1553\libglesv2.dll
2018-05-22 06:32 - 2018-05-16 09:08 - 000101112 _____ () C:\Program Files\Google\Drive File Stream\25.252.289.1553\libegl.dll
2016-01-04 10:06 - 2010-12-08 14:21 - 000262144 _____ () C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe
2016-01-04 10:06 - 2010-12-08 14:21 - 000005120 _____ () C:\Program Files (x86)\Y Soft\SafeQ Client\Client\cs-CZ\SafeQ Client.resources.dll
2017-01-03 15:36 - 2015-08-24 18:59 - 000025920 ____N () C:\Program Files\Lenovo\Lenovo Mouse Suite\FSRremoS.EXE
2017-01-03 15:36 - 2015-08-25 11:08 - 000236864 ____N () C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelElvDm.exe
2017-12-11 11:28 - 2017-11-24 14:42 - 000080896 _____ () C:\Program Files (x86)\ANeT\10\Uniservis\uniservis.dll
2017-12-11 11:28 - 2017-11-24 14:42 - 000303616 _____ () C:\Program Files (x86)\ANeT\10\Uniservis\anetsrvext.dll
2010-03-05 10:24 - 2010-03-05 10:24 - 000886272 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\System.Data.SQLite.dll
2015-03-16 19:28 - 2015-03-16 19:28 - 000155528 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2017-06-26 13:24 - 2017-06-26 13:24 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-08-06 17:48 - 2015-08-06 17:48 - 000051095 _____ () C:\Program Files (x86)\ownCloud\libqt5keychain.dll
2015-10-21 10:36 - 2015-10-21 10:36 - 000670222 _____ () C:\Program Files (x86)\ownCloud\libocsync.dll
2015-10-21 10:36 - 2015-10-21 10:36 - 000977422 _____ () C:\Program Files (x86)\ownCloud\libowncloudsync.dll
2015-08-06 09:59 - 2015-08-06 09:59 - 000097326 _____ () C:\Program Files (x86)\ownCloud\libgcc_s_sjlj-1.dll
2015-08-06 09:59 - 2015-08-06 09:59 - 000922727 _____ () C:\Program Files (x86)\ownCloud\libstdc++-6.dll
2015-08-06 09:16 - 2015-08-06 09:16 - 001366986 _____ () C:\Program Files (x86)\ownCloud\libGLESv2.dll
2015-08-06 09:14 - 2015-08-06 09:14 - 000209711 _____ () C:\Program Files (x86)\ownCloud\libpng16-16.dll
2015-08-06 09:10 - 2015-08-06 09:10 - 000085548 _____ () C:\Program Files (x86)\ownCloud\zlib1.dll
2015-08-06 09:21 - 2015-08-06 09:21 - 002197765 _____ () C:\Program Files (x86)\ownCloud\icui18n53.dll
2015-08-06 09:21 - 2015-08-06 09:21 - 001308778 _____ () C:\Program Files (x86)\ownCloud\icuuc53.dll
2015-08-06 09:11 - 2015-08-06 09:11 - 000148117 _____ () C:\Program Files (x86)\ownCloud\libpcre16-0.dll
2015-08-06 09:14 - 2015-08-06 09:14 - 000350662 _____ () C:\Program Files (x86)\ownCloud\libjpeg-8.dll
2015-08-06 11:35 - 2015-08-06 11:35 - 000247540 _____ () C:\Program Files (x86)\ownCloud\libwebp-4.dll
2015-08-06 11:38 - 2015-08-06 11:38 - 000231727 _____ () C:\Program Files (x86)\ownCloud\libxslt-1.dll
2015-08-06 09:21 - 2015-08-06 09:21 - 021539975 _____ () C:\Program Files (x86)\ownCloud\icudata53.dll
2015-08-06 09:16 - 2015-08-06 09:16 - 000154982 _____ () C:\Program Files (x86)\ownCloud\libEGL.dll
2015-08-06 09:17 - 2015-08-06 09:17 - 000689339 _____ () C:\Program Files (x86)\ownCloud\libsqlite3-0.dll
2015-08-06 09:26 - 2015-08-06 09:26 - 001169416 _____ () C:\Program Files (x86)\ownCloud\libxml2-2.dll
2018-03-16 15:20 - 2018-03-16 15:20 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2018-01-05 01:14 - 2018-01-05 01:14 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2018-03-16 15:19 - 2018-03-16 15:19 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2018-04-04 14:57 - 2014-09-09 13:30 - 000603648 _____ () C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll
2016-06-14 12:07 - 2009-10-28 17:11 - 001019904 _____ () C:\Program Files (x86)\Plustek\Plustek OpticBook A300\bmp2tiff.dll
2016-06-14 12:07 - 2010-12-13 18:20 - 000696320 _____ () C:\Program Files (x86)\Plustek\Plustek OpticBook A300\timage.dll
2016-06-14 12:06 - 2006-05-15 15:24 - 000122938 _____ () C:\Program Files (x86)\Common Files\iMpacct\CommonFunc.dll
2016-06-14 12:07 - 2013-09-06 13:58 - 000065024 _____ () C:\Program Files (x86)\Plustek\Plustek OpticBook A300\ScanAdvanced.dll
2016-06-14 12:07 - 2013-09-26 17:01 - 000116224 _____ () C:\Program Files (x86)\Plustek\Plustek OpticBook A300\ScanApi.dll
2016-06-14 12:07 - 2008-09-18 12:23 - 000024576 _____ () C:\Program Files (x86)\Plustek\Plustek OpticBook A300\FineReader.dll
2016-06-14 12:07 - 2007-08-08 12:08 - 000036864 _____ () C:\Program Files (x86)\Plustek\Plustek OpticBook A300\MaxReader.dll
2016-06-14 12:07 - 2007-06-26 17:08 - 000040960 _____ () C:\Program Files (x86)\Plustek\Plustek OpticBook A300\DetectSession.dll
2016-06-14 12:07 - 2005-09-21 14:37 - 000073728 _____ () C:\Program Files (x86)\Plustek\Plustek OpticBook A300\Copy Utility.dll
2016-06-14 12:07 - 2011-03-29 15:42 - 000053248 _____ () C:\Program Files (x86)\Plustek\Plustek OpticBook A300\PrnDriver.dll
2015-02-26 19:07 - 2015-02-09 18:14 - 001905904 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2015-12-05 22:40 - 2012-11-26 06:19 - 001153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2015-12-05 22:40 - 2014-02-18 22:12 - 000117568 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\SysWOW64\MSIHANDLE:635 [0]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MSIHANDLE:687 [0]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MSIHANDLE:785 [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3269880313-949154138-3416270394-1000\Control Panel\Desktop\\Wallpaper -> C:\DATA\Michal - dokumenty\Foto\2018.04.01_Velikonoce_by_MI0013.jpg
DNS Servers: 10.2.0.3 - 10.2.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4E404CCB-8E66-49B8-BA62-9BBC5DE793F9}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{CD5B651B-4C02-4EFF-9D7D-40C7D866E523}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [{D77566B4-E70D-49EA-B567-FE51BC8FEC81}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\wswc.exe
FirewallRules: [{3E7D2AA3-0753-43DC-91F4-7933E26B1211}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\wswc.exe
FirewallRules: [{BBA1A9BD-3FFD-40D2-96D2-EF165F00C96B}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\wswc.exe
FirewallRules: [{ECF36F15-4815-449D-B647-18223B9CFAD2}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\wswc.exe
FirewallRules: [{178F979C-D0F7-41F7-B6B3-358C27375C35}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\wswc.exe
FirewallRules: [{F3BE2D58-D0C6-471B-8A70-72406093F702}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\wswc.exe
FirewallRules: [{2DB25E8A-BFCB-40AE-A154-1CE00D765FB9}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\vmware-remotemks.exe
FirewallRules: [{C5370110-1319-42D7-A19B-909664D6535F}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\vmware-remotemks.exe
FirewallRules: [{72F01C76-FAD9-475E-ADCC-AA7C50043599}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\vmware-remotemks.exe
FirewallRules: [{B92AF6CA-8D58-4F45-87BA-78B7F166D20C}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\vmware-remotemks.exe
FirewallRules: [{AE5E158D-AE63-4097-93BE-277A9BE26359}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\vmware-remotemks.exe
FirewallRules: [{CD054F22-5B0C-47AB-AA98-CFF3C8B1D6DF}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\vmware-remotemks.exe
FirewallRules: [{6194B6DA-C5D4-4E7D-87AD-E78FCD603A08}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{D4ECB5B6-6E3E-4758-8660-8C44F9B2DD7D}] => (Block) C:\program files (x86)\vmpk\vmpk.exe
FirewallRules: [{A520DD56-4FD7-40C5-9C53-C6C9013E7D08}] => (Block) C:\program files (x86)\vmpk\vmpk.exe
FirewallRules: [UDP Query User{C0FDF411-5DFD-4349-8EA8-A3D2DD1F747B}C:\program files (x86)\vmpk\vmpk.exe] => (Allow) C:\program files (x86)\vmpk\vmpk.exe
FirewallRules: [TCP Query User{C33E8176-066B-42EA-A074-5E0A667B0F63}C:\program files (x86)\vmpk\vmpk.exe] => (Allow) C:\program files (x86)\vmpk\vmpk.exe
FirewallRules: [{7FC086BE-BD97-48FC-B893-E4A492D45B46}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4D862C87-843E-43D4-A864-6419511C873B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E7E6905A-8EDD-4123-91F7-C1F2AE3FDB0C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3285E0B9-F64D-4DF0-AFE4-96EAB9E9084D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{DC9EB8CA-A593-4923-800D-D14CAD35DCD0}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [TCP Query User{B6DD6D1D-7F21-48C9-8EFF-1D11FB2EC51F}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{5A5B5566-E2CA-4CF0-BD51-D25823D667D5}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [TCP Query User{C8CED3F7-1943-4C3E-99CC-71C1AD47F42C}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{7998BB0C-6564-4F26-9EC6-7F9118444154}C:\program files (x86)\pd\bin\pd.exe] => (Allow) C:\program files (x86)\pd\bin\pd.exe
FirewallRules: [TCP Query User{353F257D-8E03-4B1F-B0FE-003156E07A2F}C:\program files (x86)\pd\bin\pd.exe] => (Allow) C:\program files (x86)\pd\bin\pd.exe
FirewallRules: [{3766CAD3-D56B-4B2D-B883-93BC8E62E47C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FD8D3AAC-4CCC-4767-A230-0FED62292015}] => (Allow) C:\Users\Michal\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{00281D72-8125-4BC7-ACED-C899A5B97ABC}] => (Allow) C:\Users\Michal\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8E2AA034-3203-48EF-8F38-E2AF15DA04AC}] => (Allow) C:\Users\Michal\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6FD4E0C0-DCF4-4E22-8BEE-4CC3A9F67588}] => (Allow) C:\Users\Michal\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{220CE14C-4B05-4C2D-858D-E34F730758F7}] => (Allow) C:\Users\Michal\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{49CD6B8B-DFAC-45E4-BF22-CF067571402E}] => (Allow) C:\Users\Michal\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{00CB5B55-A74A-4606-863F-88A5960B5DE0}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe
FirewallRules: [TCP Query User{0756837F-3DD0-406A-AA0A-E5B26380F3F4}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe
FirewallRules: [{A9F324CF-7C83-4F5C-876E-C8E184E8D982}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
FirewallRules: [TCP Query User{F817F806-4EFD-462A-9A56-4E4965E7AF58}C:\program files (x86)\cycling '74\max 5.0\max.exe] => (Block) C:\program files (x86)\cycling '74\max 5.0\max.exe
FirewallRules: [UDP Query User{FDE3D943-4497-4331-9935-60855DF56097}C:\program files (x86)\cycling '74\max 5.0\max.exe] => (Block) C:\program files (x86)\cycling '74\max 5.0\max.exe
FirewallRules: [TCP Query User{410E95D2-B76A-458A-A96D-A8D1B10B5292}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe
FirewallRules: [UDP Query User{50410C12-1BCA-427A-8B19-90B696283BE8}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe
FirewallRules: [{A37C23A8-DE29-436C-A904-4C20B5DA3E8E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2F207AD2-0817-4430-AA9B-23749E5ABECF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{71F370A8-48A9-4F69-BD2E-988C06C87541}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3EF11AFE-E989-4508-962F-56389D612F21}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{70D7DBC5-5030-4317-AFA6-332711891A7D}C:\program files (x86)\image-line\minihost\minihostmodular.exe] => (Allow) C:\program files (x86)\image-line\minihost\minihostmodular.exe
FirewallRules: [UDP Query User{81C31FC8-97F6-4180-AC49-5B98A8E275EC}C:\program files (x86)\image-line\minihost\minihostmodular.exe] => (Allow) C:\program files (x86)\image-line\minihost\minihostmodular.exe
FirewallRules: [TCP Query User{92F25186-50F4-4722-BFEB-08C238671F1B}C:\program files (x86)\image-line\minihost\minihostmodular_x64.exe] => (Allow) C:\program files (x86)\image-line\minihost\minihostmodular_x64.exe
FirewallRules: [UDP Query User{47B40009-AFC0-4289-8A4F-6BCEEB90F6A7}C:\program files (x86)\image-line\minihost\minihostmodular_x64.exe] => (Allow) C:\program files (x86)\image-line\minihost\minihostmodular_x64.exe
FirewallRules: [{C34F3F92-34E4-48A2-8A9D-D7A9EAFFD5EF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{ACBEA13B-FF94-4F0A-B245-40C8D48887F7}] => (Allow) %systemroot%\system32\alg.exe

==================== Restore Points =========================

21-05-2018 12:59:18 SupportAssist_786f5480-2e0b-4f47-8735-1d4a7371b4de

==================== Faulty Device Manager Devices =============

Name: Virtual CloneDrive
Description: Virtual CloneDrive
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Elaborate Bytes AG
Service: VClone
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/23/2018 06:39:32 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu  na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (05/23/2018 06:39:27 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu  na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (05/23/2018 06:39:22 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu  na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (05/23/2018 06:39:17 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu  na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (05/23/2018 06:39:12 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu  na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (05/23/2018 06:39:07 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu  na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (05/23/2018 06:39:02 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu  na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (05/23/2018 06:38:57 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu  na SECURITY_PRODUCT_STATE_ON došlo k chybě.


System errors:
=============
Error: (05/23/2018 06:31:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba antiviru Windows Defender byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 100 milisekund: Spustit nakonfigurovaný program pro obnovení.

Error: (05/23/2018 06:27:40 AM) (Source: DCOM) (EventID: 10016) (User: Michal-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli Michal-PC\Michal (SID: S-1-5-21-3269880313-949154138-3416270394-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/23/2018 06:24:06 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/23/2018 06:21:11 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/23/2018 06:21:11 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/23/2018 06:21:11 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/23/2018 06:21:11 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/23/2018 06:21:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2018-05-22 07:22:03.904
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0
Název: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Michal\Desktop\FRSTLauncher.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
Verze podpisu: AV: 1.267.1780.0, AS: 1.267.1780.0, NIS: 1.267.1780.0
Verze modulu: AM: 1.1.14800.3, NIS: 1.1.14800.3

Date: 2018-05-22 07:20:58.439
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0
Název: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Michal\Desktop\FRSTLauncher.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
Verze podpisu: AV: 1.267.1780.0, AS: 1.267.1780.0, NIS: 1.267.1780.0
Verze modulu: AM: 1.1.14800.3, NIS: 1.1.14800.3

Date: 2018-05-22 07:20:53.195
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0
Název: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Michal\Desktop\FRSTLauncher.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
Verze podpisu: AV: 1.267.1780.0, AS: 1.267.1780.0, NIS: 1.267.1780.0
Verze modulu: AM: 1.1.14800.3, NIS: 1.1.14800.3

Date: 2018-05-21 14:51:39.508
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0
Název: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Michal\Desktop\Nepotvrzeno 622678.crdownload
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: Michal-PC\Michal
Název procesu: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Verze podpisu: AV: 1.267.1740.0, AS: 1.267.1740.0, NIS: 1.267.1740.0
Verze modulu: AM: 1.1.14800.3, NIS: 1.1.14800.3

Date: 2018-05-21 14:51:22.470
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0
Název: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Michal\Desktop\Nepotvrzeno 253284.crdownload
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: Michal-PC\Michal
Název procesu: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Verze podpisu: AV: 1.267.1740.0, AS: 1.267.1740.0, NIS: 1.267.1740.0
Verze modulu: AM: 1.1.14800.3, NIS: 1.1.14800.3

Date: 2018-05-23 06:31:55.316
Description: 
Modul programu Antivirová ochrana v programu Windows Defender byl ukončen v důsledku neočekávané chyby.
Typ chyby: Zavěšení
Kód výjimky: 
Zdroj: file:C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_004db7

Date: 2018-05-20 19:53:47.042
Description: 
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.  
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2018-05-17 11:31:24.329
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 
Předchozí verze podpisu: 1.267.1435.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.14800.3
Kód chyby: 0x8024402c
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře. 

CodeIntegrity:
===================================

Date: 2018-05-21 14:27:41.367
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.14.17639.18041-0\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-5300U CPU @ 2.30GHz
Percentage of memory in use: 43%
Total physical RAM: 8064.3 MB
Available physical RAM: 4550.76 MB
Total Virtual: 16256.3 MB
Available Virtual: 11780.7 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:228.24 GB) (Free:28.96 GB) NTFS
Drive g: (Google Drive File Stream) (Fixed) (Total:15 GB) (Free:14.96 GB) FAT32
Drive y: (RECOVERY) (Fixed) (Total:10.2 GB) (Free:1.55 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{9e2512ba-16e6-11e8-bdc5-185e0fafcc96}\ () () (Total:0 GB) (Free:0 GB) 

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 238.5 GB) (Disk ID: 56635988)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=10.2 GB) - (Type=27)
Partition 3: (Not Active) - (Size=228.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================