Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by User (04-07-2018 14:20:38)
Running from C:\Users\User\Desktop
Windows 10 Home Version 1803 17134.112 (X64) (2018-05-27 20:42:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4265154283-1864003611-3609055146-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4265154283-1864003611-3609055146-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-4265154283-1864003611-3609055146-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-4265154283-1864003611-3609055146-501 - Limited - Disabled)
User (S-1-5-21-4265154283-1864003611-3609055146-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-4265154283-1864003611-3609055146-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4265154283-1864003611-3609055146-1001\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{52B66F1A-E977-41EE-8359-3C4040BE72F5}) (Version: 12.2.8.198 - Adobe Systems, Inc)
Aktualizácie NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden
Alone In The Dark (HKLM-x32\...\Alone In The Dark_is1) (Version:  - Atari)
Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1508.1001 - Micro-Star International Co., Ltd.) Hidden
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1508.1001 - Micro-Star International Co., Ltd.)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Call of Duty(R) - World at War(TM) (HKLM-x32\...\{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision) Hidden
Call of Duty(R) - World at War(TM) (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision)
C-TECH AKANTHA ULTIMATE GAMING SOFTWARE 1.2 (HKLM-x32\...\C-TECH AKANTHA ULTIMATE GAMING SOFTWARE) (Version: 1.2 - C-TECH)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5307.55 - CyberLink Corp.)
Dead Rising 3 Apocalypse Edition (HKLM-x32\...\Dead Rising 3 Apocalypse Edition_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, ProZorg_tm)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.36 - NVIDIA Corporation) Hidden
Dragon Gaming Center (HKLM-x32\...\{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 1.0.1501.2801 - Micro-Star International Co., Ltd.) Hidden
Dragon Gaming Center (HKLM-x32\...\InstallShield_{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 1.0.1501.2801 - Micro-Star International Co., Ltd.)
Dying Light (HKLM-x32\...\1448452156_is1) (Version: 2.0.0.8 - GOG.com)
FIFA 17 (HKLM-x32\...\{8C0DD062-B659-409C-9AB7-8EBD1D64D2EB}) (Version: 1.0.48.30259 - Electronic Arts)
FIFA18 version 1.0 (HKLM\...\FIFA18_is1) (Version: 1.0 - STEAMPUNKS) <==== ATTENTION
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Google Chrome (HKLM\...\{ED4B0482-0731-311E-80BB-7D1A87FDF296}) (Version: 67.0.3396.99 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1707.2501 - Micro-Star International Co., Ltd.) Hidden
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1707.2501 - Micro-Star International Co., Ltd.)
Infinity (HKU\S-1-5-21-4265154283-1864003611-3609055146-1001\...\Infinity) (Version: 4.0.4 - WeMod)
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4836 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{31C74FA2-2AB9-41C3-BFBE-693283E4C28B}) (Version: 17.1.1527.1534 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{795ee3a0-97fa-489a-9543-7564ccc43be4}) (Version: 18.12.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
KB4023057 (HKLM\...\{264FDD69-C4DF-476F-B1B8-7DCEE4AF839B}) (Version: 2.4.0.0 - Microsoft Corporation)
Killer Bandwidth Control Filter Driver (HKLM\...\{F1D42BC7-5A6A-463A-94F7-87DC10AF24BC}) (Version: 1.1.56.1122 - Rivet Networks) Hidden
Killer E240x Drivers (HKLM\...\{60FDE5D6-FF5D-4875-8ABF-00D17307BC30}) (Version: 1.1.56.1122 - Rivet Networks) Hidden
Killer Network Manager (HKLM\...\{DD1185A8-C3E0-4838-B6D9-07E8625220D3}) (Version: 1.1.56.1122 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.56.1122 - Rivet Networks)
MAGIX Content and Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Music Maker Silver (HKLM\...\{CD1DE5DB-7AF2-4D01-BBB1-9AD581B34403}) (Version: 21.0.3.44 - MAGIX Software GmbH) Hidden
MAGIX Music Maker Silver (HKLM-x32\...\MX.{CD1DE5DB-7AF2-4D01-BBB1-9AD581B34403}) (Version: 21.0.3.44 - MAGIX Software GmbH)
MAGIX Music Maker Silver Soundpools (HKLM\...\{CC8B6E22-F579-46A1-A9F3-985F114590F0}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Photo Manager 15 (HKLM\...\{10FDDBB2-C9D3-4207-B3A9-4910464BA0B0}) (Version: 11.0.2.36 - MAGIX Software GmbH) Hidden
MAGIX Photo Manager 15 (HKLM-x32\...\MX.{10FDDBB2-C9D3-4207-B3A9-4910464BA0B0}) (Version: 11.0.2.36 - MAGIX Software GmbH)
Malwarebytes verzia 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.10228.20080 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.10228.20080 - Microsoft Corporation)
Microsoft Office 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.10228.20080 - Microsoft Corporation)
Microsoft Office 365 - hr-hr (HKLM\...\O365HomePremRetail - hr-hr) (Version: 16.0.10228.20080 - Microsoft Corporation)
Microsoft Office 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 16.0.10228.20080 - Microsoft Corporation)
Microsoft Office 365 - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 16.0.10228.20080 - Microsoft Corporation)
Microsoft Office 365 - ro-ro (HKLM\...\O365HomePremRetail - ro-ro) (Version: 16.0.10228.20080 - Microsoft Corporation)
Microsoft Office 365 - ru-ru (HKLM\...\O365HomePremRetail - ru-ru) (Version: 16.0.10228.20080 - Microsoft Corporation)
Microsoft Office 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.10228.20080 - Microsoft Corporation)
Microsoft Office 365 - sl-si (HKLM\...\O365HomePremRetail - sl-si) (Version: 16.0.10228.20080 - Microsoft Corporation)
Microsoft Office 365 - sr-latn-rs (HKLM\...\O365HomePremRetail - sr-latn-rs) (Version: 16.0.10228.20080 - Microsoft Corporation)
Microsoft Office 365 - uk-ua (HKLM\...\O365HomePremRetail - uk-ua) (Version: 16.0.10228.20080 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Minecraft1.12.2 (HKLM-x32\...\Minecraft1.12.2) (Version:  - )
Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version:  - )
MSI Social Media Collection (HKLM-x32\...\{7ADEC426-BE95-48EF-84D4-086BD0F4D331}) (Version: 1.14.2251 - Micro-Star International Co., Ltd.)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NVIDIA GeForce Experience 3.14.0.139 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.0.139 - NVIDIA Corporation)
NVIDIA Grafický ovládač 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.36 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10228.20080 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20080 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20080 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.10228.20080 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10228.20080 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0415-0000-0000000FF1CE}) (Version: 16.0.10228.20080 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.10228.20080 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0418-0000-0000000FF1CE}) (Version: 16.0.10228.20080 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0419-0000-0000000FF1CE}) (Version: 16.0.10228.20080 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-041A-0000-0000000FF1CE}) (Version: 16.0.10228.20080 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0422-0000-0000000FF1CE}) (Version: 16.0.10228.20080 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.10228.20080 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-241A-0000-0000000FF1CE}) (Version: 16.0.10228.20080 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.21.179 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 398.36 - NVIDIA Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.)
SCM (HKLM\...\{48B3982B-546D-405D-BDB6-E09D8EBC340E}) (Version: 13.016.06153 - Application)
Skype™ 7.36 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 7.36.101 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.6.1 - Synaptics Incorporated)
The Elder Scrolls V Skyrim Legendary Edition version 1.9.32.8 (HKLM-x32\...\The Elder Scrolls V Skyrim Legendary Edition_is1) (Version: 1.9.32.8 - Mr DJ)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
War Thunder Launcher 1.0.3.48 (HKU\S-1-5-21-4265154283-1864003611-3609055146-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
Warface (HKLM-x32\...\Warface) (Version:  - )
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinZip 22.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2411B}) (Version: 22.5.13114 - Corel Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4265154283-1864003611-3609055146-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4265154283-1864003611-3609055146-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4265154283-1864003611-3609055146-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4265154283-1864003611-3609055146-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4265154283-1864003611-3609055146-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4265154283-1864003611-3609055146-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4265154283-1864003611-3609055146-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\18.065.0329.0002\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-4265154283-1864003611-3609055146-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\18.065.0329.0002\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-4265154283-1864003611-3609055146-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\18.065.0329.0002\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-4265154283-1864003611-3609055146-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll ()
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2018-04-22] (WinZip Computing)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2018-04-22] (WinZip Computing)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2e329e8610bbb375\igfxDTCM.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-06-24] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2018-04-22] (WinZip Computing)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01F6C7BC-49A5-4421-B777-53C82B9E2F32} - System32\Tasks\MSI_Dragon Gaming Center => C:\Program Files (x86)\MSI\Dragon Gaming Center\mDispatch.exe [2014-01-24] (TODO: <公司名稱>)
Task: {13CB36B5-872E-438C-85DE-16B3CD315EC8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-20] (Microsoft Corporation)
Task: {222FC623-95D1-41FD-8173-A1624C786A58} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {29918E84-EB79-479E-8419-D63D64B958D0} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe [2017-07-25] (Micro-Star International Co., Ltd.)
Task: {29E6E256-B223-4DC9-B5C6-7D7D6C690A2A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-20] (NVIDIA Corporation)
Task: {2A0CE98D-B940-4B4D-B923-FA80626EF656} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-05-20] (NVIDIA Corporation)
Task: {2F46E9AB-0F94-4B12-AD94-AC5B1F481D78} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-20] (Microsoft Corporation)
Task: {3276210D-FD27-4BB1-91CC-8789F6B4AEEE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {36D7AF47-F994-4B86-9046-9AF71CA86D8E} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2018-04-22] (Corel Corporation)
Task: {372E4B01-5138-4436-82DA-9DC04B735E75} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {397585C5-B678-490F-8A16-D21FC277DD4B} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2018-04-22] (Corel Corporation)
Task: {3E615D76-7683-4D07-B01E-035DB2ECDE6A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-06-30] (Microsoft Corporation)
Task: {3EE906DB-AF3C-4D0A-8797-5A64B3EBC0BB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-06-30] (Microsoft Corporation)
Task: {40ECD1EE-BAA8-4825-AAAC-90FCB28EBBC9} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20] (NVIDIA Corporation)
Task: {5AA97987-83C8-4686-9D64-8BF47526384F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-28] (Google Inc.)
Task: {5E297F97-7F79-4553-880A-E9D35633AB16} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-06-30] (Microsoft Corporation)
Task: {61C1172F-39F0-46E7-B7C5-24A4C79B755C} - System32\Tasks\Nahimic2Svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6FB81633-B250-4372-8E83-ECC005960B54} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2016-07-01] (Synaptics Incorporated)
Task: {7DF3FCF0-4324-45DB-9B08-6D91660B581F} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-06-30] (AVG Technologies CZ, s.r.o.)
Task: {83277B62-26CD-4AAA-8DDE-5619B2C993D5} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-06-30] (Microsoft Corporation)
Task: {83EFFE12-C5CD-400B-9BD8-F29937B39FAB} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {868A631B-7466-4034-B841-F9174FB39E56} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-05-20] (NVIDIA Corporation)
Task: {8A44EE36-A82A-4349-BB85-EFF0807C3098} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {8CADD9FF-6D90-4599-BF39-AD9376D44666} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {8FCCA288-ABFC-40A3-A06A-FE125A77DD4A} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {93476909-0891-4EE6-B698-5959A0086088} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-05-20] (NVIDIA Corporation)
Task: {B0309F0F-5E25-4566-9B09-71733E8E43C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-28] (Google Inc.)
Task: {BFEF7C7B-F88B-4B1A-BD94-01C691D1F14E} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
Task: {CE4E8DEA-C567-430E-9258-508B48ACE725} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [2015-05-11] (CyberLink Corp.)
Task: {D6B90333-B0AB-41C0-9CE4-6D0DCF8FDD9E} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2018-04-22] (Corel Corporation)
Task: {E1341EBA-9494-45B2-B574-D17141D4B036} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-20] (NVIDIA Corporation)
Task: {EA249D21-A074-4FB7-A76F-FC42DD97BB4E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20] (NVIDIA Corporation)
Task: {F598D912-E93B-4B06-861E-5E1B01F7AFB1} - System32\Tasks\Nahimic2Svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\User\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat ()

==================== Loaded Modules (Whitelisted) ==============

2018-06-15 19:02 - 2018-05-20 19:33 - 001315112 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-10-03 01:46 - 2018-04-14 14:56 - 000076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-07-03 16:54 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-10-10 20:16 - 2018-06-24 17:31 - 000138128 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-06-20 19:26 - 2018-05-20 19:33 - 000020264 _____ () c:\program files\nvidia corporation\nvstreamsrv\detoured.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-06-13 12:00 - 2018-06-08 10:56 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-05-23 19:30 - 2018-05-23 19:30 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-05-23 19:30 - 2018-05-23 19:30 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-05-23 19:30 - 2018-05-23 19:30 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-05-23 19:30 - 2018-05-23 19:30 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
2018-05-23 19:30 - 2018-05-23 19:30 - 000654848 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-06-15 19:03 - 2018-05-20 19:33 - 095437608 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-06-15 19:03 - 2018-05-20 19:33 - 003029288 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
2018-06-15 19:03 - 2018-05-20 19:33 - 000149800 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
2018-06-08 15:47 - 2018-06-08 15:48 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-06-08 15:47 - 2018-06-08 15:48 - 067232256 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-11 14:07 - 2017-10-11 14:08 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-05-30 14:26 - 2018-05-30 14:28 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-04-26 08:53 - 2018-04-26 08:54 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-05-30 14:26 - 2018-05-30 14:27 - 004214784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-05-30 14:26 - 2018-05-30 14:28 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-04-05 08:51 - 2018-04-05 09:45 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-06-08 15:47 - 2018-06-08 15:48 - 014851072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-05-30 14:26 - 2018-05-30 14:27 - 004058624 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-06-08 15:47 - 2018-06-08 15:47 - 003266048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-05-30 14:26 - 2018-05-30 14:28 - 001393664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-05-30 14:26 - 2018-05-30 14:28 - 004218080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-30 14:26 - 2018-05-30 14:28 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-06-08 15:47 - 2018-06-08 15:48 - 000165376 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\SKU.dll
2018-06-27 16:27 - 2018-06-27 16:28 - 027126784 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-06-27 16:27 - 2018-06-27 16:28 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-06-27 16:27 - 2018-06-27 16:28 - 006735872 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-02-09 19:26 - 2018-02-09 19:26 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-06-21 09:22 - 2018-06-21 09:23 - 000093696 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.42.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-06-21 09:22 - 2018-06-21 09:22 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.42.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-06-21 09:22 - 2018-06-21 09:23 - 007813632 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.42.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2018-06-26 16:47 - 2018-06-22 21:15 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libglesv2.dll
2018-06-26 16:47 - 2018-06-22 21:15 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libegl.dll
2015-08-07 10:09 - 2015-08-07 10:09 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-10-20 19:52 - 2018-05-20 19:33 - 001033000 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4265154283-1864003611-3609055146-1001\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2018-07-02 15:39 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4265154283-1864003611-3609055146-1001\Control Panel\Desktop\\Wallpaper -> C:\Recovery\OEM\MSI_Gaming+NV_wallpaper(3840x2160)-OK.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-4265154283-1864003611-3609055146-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"
HKU\S-1-5-21-4265154283-1864003611-3609055146-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-4265154283-1864003611-3609055146-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4265154283-1864003611-3609055146-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4265154283-1864003611-3609055146-1001\...\StartupApproved\Run: => "World of Tanks"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{359E6588-A515-45FF-AAB4-C8092D4F3C6C}D:\games\dead island riptide definitive edition\deadislandriptidegame.exe] => (Allow) D:\games\dead island riptide definitive edition\deadislandriptidegame.exe
FirewallRules: [TCP Query User{C13629B6-CC1F-44D8-A5CE-FA4EA80235FD}D:\games\dead island riptide definitive edition\deadislandriptidegame.exe] => (Allow) D:\games\dead island riptide definitive edition\deadislandriptidegame.exe
FirewallRules: [{987D0E25-70D5-4159-B656-0DD2F4ABE9D0}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F5994770-96EE-4777-81C8-C8BDB8F0905B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [UDP Query User{657DBC66-0DA5-41F7-A118-4C658617CE12}D:\games\bfh\bfh.exe] => (Allow) D:\games\bfh\bfh.exe
FirewallRules: [TCP Query User{72118091-FD68-4602-A4D1-56F579B032C6}D:\games\bfh\bfh.exe] => (Allow) D:\games\bfh\bfh.exe
FirewallRules: [{28CB17FE-7878-47A1-8873-EF19ADA7D281}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{08CD1EB2-F7B8-4264-95D5-45AA89777B1B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{AA26ECD6-0BDF-4703-B2CE-57D6EB47DC2E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{63281710-EB01-4BA5-8831-CE1C459353D2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [UDP Query User{C9FEAD44-AF74-4FD5-A027-504566DC2D09}C:\program files (x86)\r.g. mechanics\far cry 3\bin\farcry3_d3d11.exe] => (Allow) C:\program files (x86)\r.g. mechanics\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [TCP Query User{F9C78577-4778-4458-8D7A-1962BC1A016E}C:\program files (x86)\r.g. mechanics\far cry 3\bin\farcry3_d3d11.exe] => (Allow) C:\program files (x86)\r.g. mechanics\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [UDP Query User{ED45247C-B449-4349-AF7B-4702A9B05CA4}C:\program files (x86)\r.g. mechanics\far cry 3\bin\farcry3.exe] => (Allow) C:\program files (x86)\r.g. mechanics\far cry 3\bin\farcry3.exe
FirewallRules: [TCP Query User{C8433003-AE82-42FD-B26A-22C6C32FAE0D}C:\program files (x86)\r.g. mechanics\far cry 3\bin\farcry3.exe] => (Allow) C:\program files (x86)\r.g. mechanics\far cry 3\bin\farcry3.exe
FirewallRules: [UDP Query User{C8E46E0E-D995-4D77-A83B-A1164DA3E42E}C:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe
FirewallRules: [TCP Query User{197E8676-59F6-4954-B18F-2837861AB796}C:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe
FirewallRules: [UDP Query User{3A9C8A70-E532-4EC1-995C-B48A7EA414FF}C:\program files (x86)\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{5FABF032-CBC2-4E3F-AD5B-845313546383}C:\program files (x86)\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{56865FED-A099-45EF-B159-AED8E9B28470}C:\users\user\appdata\local\warthunder\win64\aces.exe] => (Allow) C:\users\user\appdata\local\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{A67A669D-E261-403C-A9B0-C4A1595A4777}C:\users\user\appdata\local\warthunder\win64\aces.exe] => (Allow) C:\users\user\appdata\local\warthunder\win64\aces.exe
FirewallRules: [{7DAA4EED-B8DC-4BFA-9D37-4DD8FCD97683}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [UDP Query User{D09F31D0-6E6C-4B18-86E3-14E7C8EE09EC}C:\program files\fifa18\fifa18.exe] => (Allow) C:\program files\fifa18\fifa18.exe
FirewallRules: [TCP Query User{4948D98F-E163-4436-BC94-BE219157066E}C:\program files\fifa18\fifa18.exe] => (Allow) C:\program files\fifa18\fifa18.exe
FirewallRules: [UDP Query User{6C6E1384-DC56-400B-A71F-2EFBF33A6C74}C:\program files\java\jre1.8.0_131\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [TCP Query User{5A29F549-5911-4EAF-BD6D-52DF224B380E}C:\program files\java\jre1.8.0_131\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [UDP Query User{42B1A712-7824-4759-B7E1-34D2D372884C}C:\program files\fifa18\fifa18.exe] => (Block) C:\program files\fifa18\fifa18.exe
FirewallRules: [TCP Query User{C08655AC-77EF-4486-A738-7DD83DA69CD2}C:\program files\fifa18\fifa18.exe] => (Block) C:\program files\fifa18\fifa18.exe
FirewallRules: [UDP Query User{59B34C3B-F3E3-4AFF-BEC5-1DF11CF23417}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{7DD2449D-2E63-4C5C-81A1-AAA6492E3225}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{B732563A-0AD2-4057-B476-2C759DDF04AB}] => (Allow) C:\Program Files (x86)\Atari\AITD\Alone.exe
FirewallRules: [{B9028659-A6CE-446D-9F68-38D29F8A93B4}] => (Allow) C:\Program Files (x86)\Atari\AITD\Alone.exe
FirewallRules: [UDP Query User{5C4BCB46-C6A8-4296-B6D2-5F5E36EF781D}C:\users\user\appdata\roaming\utorrent\updates\3.5.0_44294.exe] => (Block) C:\users\user\appdata\roaming\utorrent\updates\3.5.0_44294.exe
FirewallRules: [TCP Query User{8D0F684C-4117-4F9F-943B-46D1CBEA73A1}C:\users\user\appdata\roaming\utorrent\updates\3.5.0_44294.exe] => (Block) C:\users\user\appdata\roaming\utorrent\updates\3.5.0_44294.exe
FirewallRules: [UDP Query User{9B24B22E-2F9D-4939-93C8-3E2BAA4AEFD2}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [TCP Query User{CC419D06-B57F-46CA-BB3B-421D21F98F2C}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [{DA9A1824-190F-4C67-A583-6EF48B161408}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{780F5097-2A51-46A5-85D3-500BBFAEE8B7}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6A25DD04-FFD2-4A9B-8A82-935FCE39A1CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{230E3F90-497B-4086-AAAE-1F6F06ACA54A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{D4D124C8-A655-4B45-A325-E768C46DE637}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{F49EF6B9-1D6F-463A-B0AC-16EFB9B9AA33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{DE566C99-C6FA-48C0-912C-DBA171ABCA48}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{2D72BD97-A0DF-425C-8BAD-19334AD9EB5C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{C573A189-0653-4F7E-A90A-F604E28D1B27}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{BA0736CE-78A9-4F32-B27A-FD57CAC9054F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{329DD004-10BD-440D-8673-799E2333931D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{20369DC3-09E9-4D16-B355-3FFE5AE33775}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{7197B342-F3B6-47EB-ACC5-650BDD29EC17}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7F8937BA-50AD-4DCB-8B9A-CC39CD7AA02F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5EB6B272-5FE3-4412-AAE0-3A4A34FE7803}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{81A34DE8-B3A2-4D01-A45E-D534A69E3130}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{693EFED3-EE37-4635-A059-4631CE179395}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe
FirewallRules: [{CAA96744-4B25-4025-99A0-A2DAD3676917}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe
FirewallRules: [{69043A9E-DCCF-4A05-9FD4-9509132559CF}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaWmp.exe
FirewallRules: [{9DD8C582-25DC-4F36-837F-A72608796FE3}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaWmp.exe
FirewallRules: [{1F6229BD-33FD-4C5C-8287-D8667752DC66}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2AB1EAD4-FD97-4B86-BD63-65322F6E8AD5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{CC003189-796D-45B7-9E66-CEBC88B68DA7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{001A6D24-1F86-418B-A100-50817AA47C7D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DA7D71EE-68B6-457A-A96E-E5D15134F5F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DC1CA9D0-DF51-4168-8A4B-D73D5C88DA8C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{9A8F7033-AF28-40B7-BE04-B3B27A5B9C84}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [TCP Query User{E6D59E8A-7333-4536-A786-0D3E6AA6A94A}C:\users\user\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\user\appdata\local\warthunder\launcher.exe
FirewallRules: [UDP Query User{38BC8EA8-BDC9-4016-8157-6A395AA8EF9D}C:\users\user\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\user\appdata\local\warthunder\launcher.exe
FirewallRules: [TCP Query User{C48B76FE-33E8-4CB3-9A8F-ADB919B484E1}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{4E0F8FC3-659A-457C-B633-EFF79462AE4A}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{9CFC39E4-F2B3-4022-9753-4CDDC88A9BAB}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [{3E3A8E66-ECC4-4984-9940-108475E9F128}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [TCP Query User{441B7526-BF4B-4E08-BEBF-7374FF5C3895}C:\games\left 4 dead 2\left4dead2.exe] => (Allow) C:\games\left 4 dead 2\left4dead2.exe
FirewallRules: [UDP Query User{55D16EA4-463D-42C9-ABAD-695A52571D72}C:\games\left 4 dead 2\left4dead2.exe] => (Allow) C:\games\left 4 dead 2\left4dead2.exe
FirewallRules: [{D6C89A9F-50E7-4507-BDEB-A20C98D2EE54}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{6BCACE50-3E1E-40CB-81CC-E4B2DEE56207}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [TCP Query User{909617F8-F2E5-4087-9442-891F4A08689F}C:\program files (x86)\origin games\fifa 17\fifa17.exe] => (Allow) C:\program files (x86)\origin games\fifa 17\fifa17.exe
FirewallRules: [UDP Query User{27EBBF06-35B0-4C5D-BBCE-ECD8440791D9}C:\program files (x86)\origin games\fifa 17\fifa17.exe] => (Allow) C:\program files (x86)\origin games\fifa 17\fifa17.exe
FirewallRules: [{F3EA85D3-4BDE-4BA5-ACB8-170D34A76DF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [TCP Query User{2C75A469-2C37-4C62-A21A-F4BA81C45F78}D:\games\dying light\dyinglightgame.exe] => (Allow) D:\games\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{D8B55651-307E-4CFB-B2F6-A8BE37185364}D:\games\dying light\dyinglightgame.exe] => (Allow) D:\games\dying light\dyinglightgame.exe
FirewallRules: [TCP Query User{073B1282-911B-459B-8862-D9726DEDDB85}C:\users\user\desktop\spintires\spintiresmudrunner\spintires mudrunner\mudrunner.exe] => (Allow) C:\users\user\desktop\spintires\spintiresmudrunner\spintires mudrunner\mudrunner.exe
FirewallRules: [UDP Query User{E02ABEA6-05CC-49E2-AF4B-A65BD8BDF802}C:\users\user\desktop\spintires\spintiresmudrunner\spintires mudrunner\mudrunner.exe] => (Allow) C:\users\user\desktop\spintires\spintiresmudrunner\spintires mudrunner\mudrunner.exe
FirewallRules: [TCP Query User{D7F362A7-A506-4005-A207-A9BA17C8C3C5}D:\games\doom\doom\doomx64.exe] => (Allow) D:\games\doom\doom\doomx64.exe
FirewallRules: [UDP Query User{771B97C9-ED09-444B-B9CA-8E9FC983E9CA}D:\games\doom\doom\doomx64.exe] => (Allow) D:\games\doom\doom\doomx64.exe
FirewallRules: [{9806D43D-6480-4885-A708-9B281AF98A72}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{8808D64D-E5CB-47D8-89B5-ADF2E17AD965}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{FFEDCE81-349F-4ABF-834A-520FB20BBC35}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{B37633CC-1075-4563-B8DB-FD5F049D118B}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{0D41320B-C5A1-44FC-BABD-9F14B8A6D7D2}] => (Allow) C:\Games\wot test\WoTLauncher.exe
FirewallRules: [{4B8560CF-2133-41AE-8537-7257672E9E6B}] => (Allow) C:\Games\wot test\WoTLauncher.exe
FirewallRules: [{06A29610-298D-4016-9125-EF1B6D1F6F2A}] => (Allow) C:\Games\wot test\worldoftanks.exe
FirewallRules: [{17A8BDC8-A6A5-4052-9825-2DADC9C3D7F5}] => (Allow) C:\Games\wot test\worldoftanks.exe
FirewallRules: [TCP Query User{54B9FC75-9DA4-468B-860E-D07A83EF0FD2}C:\program files (x86)\mr dj\borderlands 2 goty\binaries\win32\borderlands2.exe] => (Allow) C:\program files (x86)\mr dj\borderlands 2 goty\binaries\win32\borderlands2.exe
FirewallRules: [UDP Query User{E96E6F4E-A55B-4081-B564-53C8691C780D}C:\program files (x86)\mr dj\borderlands 2 goty\binaries\win32\borderlands2.exe] => (Allow) C:\program files (x86)\mr dj\borderlands 2 goty\binaries\win32\borderlands2.exe
FirewallRules: [{3E336983-369A-4151-A56C-EFB06347CC8D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DB451F63-2913-4C85-9322-74BD25C0AA13}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E6BBDC0D-8C95-4297-84E0-606FB94C4BDA}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe
FirewallRules: [{A96235F6-947B-4E9D-89B6-D4EF6543A966}] => (Allow) C:\Program Files (x86)\Common Files\obwVDOezYjEXy.exe
FirewallRules: [{15F0FA72-F868-4093-ABD6-6A9151FB2CE5}] => (Allow) C:\Program Files (x86)\IiaABdYyeioO.exe
FirewallRules: [{382F91A9-6604-4092-A72C-DDF5D6581BB1}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{90C6C9C9-ACCA-4082-AC1E-F0CEBF871022}] => (Allow) D:\Program Files\Nox\bin\Nox.exe
FirewallRules: [{CF666C26-A27C-4C09-BB1A-20004353182E}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe
FirewallRules: [{7FBEE721-05E9-499C-8F13-A1AD899C6B4E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{E064091C-B8E6-4D11-BBC2-D23A239DC1D8}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{CBE90506-435D-46DA-BC32-BACB3CF8DBD4}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{94D144E6-F653-4B54-BAF2-D955BC11A802}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{3E13530E-4C17-4C6C-ADEB-354B7E143283}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{F9152CD9-509B-4CB1-BE6D-69F2F5A4DED3}] => (Allow) C:\Program Files (x86)\Mr DJ\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe
FirewallRules: [{28A09F26-0C37-4622-84B2-FBB54F8D2EE9}] => (Allow) C:\Program Files (x86)\Mr DJ\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe
FirewallRules: [{DAE3C35B-6EDE-4814-BFDD-85DA8E6498B7}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{4C251909-4E79-41AB-9CC9-F27FE1DF4615}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{80BB24E4-6FEE-48CB-806A-D97990BC0ED7}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{B91B4B8F-80EF-4184-92C5-6EF90468BA8D}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{CD9546A4-7D9D-48D3-A62B-E2F085E5CD08}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{23B30923-FAA0-41F7-93CE-B20F85A4EF76}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{D86019C2-E90E-4DF9-AFFF-0188230B5C29}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{FAEAF75E-D9FC-4968-BAE1-8E7647BD7076}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{4371957C-A65A-465D-BF81-C03487AFA593}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{26B71AFD-11B3-4AEB-B884-793800F94DA2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1C0F585B-425B-47E2-B59D-649909C8FE48}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{1EF268BB-E8A7-4AAB-9B72-46F52EAC6C92}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{751B4C08-EA94-47C7-8B76-532BC07CE69C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{6D7D79FB-CBAC-43EA-9ECA-234B7D8BDDD7}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{5E2BD026-F60E-4A20-AD69-0EB1185B00C9}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{35CFD4AE-26A3-46AC-AF06-5CD8BBD17563}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{351470F8-18EC-433D-BB1F-EA5BE74F175F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{0B50BC00-C617-4C8F-A105-1EA8D19B5BA0}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{B940773E-9034-4D94-994B-FAB3FDC6086F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{D775A08F-FC77-4AC0-AA5A-2A9C19BD260A}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{52CC724A-2372-4061-822D-9B450ED05EF5}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [TCP Query User{C55E8594-F54C-4D2F-BEC0-22CF2A041A3C}C:\program files\movavi video editor 14\videoeditor.exe] => (Allow) C:\program files\movavi video editor 14\videoeditor.exe
FirewallRules: [UDP Query User{75FE9C80-B989-4116-8CEE-2A537A4C6BC7}C:\program files\movavi video editor 14\videoeditor.exe] => (Allow) C:\program files\movavi video editor 14\videoeditor.exe
FirewallRules: [TCP Query User{C58BB7E1-8ECA-41BD-A09E-364C9A55059A}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{E8FA7002-998C-4811-B96D-0E1F6A8E79C8}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{3DF9C8A4-9B5A-4B52-B591-EAF120D39AE0}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe
FirewallRules: [{AC46DE17-F401-4172-AF44-558CC1EAA1E5}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe
FirewallRules: [{3CA8A0FD-6F39-4EE3-9DFA-4EAA7D58795D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe
FirewallRules: [{05813BC9-5632-4874-84DE-A3F9A86A1B65}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe
FirewallRules: [{F32BEEF9-F475-4279-A9E5-E0012955B4D4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe
FirewallRules: [{6C2CECDB-5A99-48DF-93A1-C0243B6F25FB}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe
FirewallRules: [{441A1DC3-DE81-4A58-B1CC-F9B727B181B6}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe
FirewallRules: [{462833EC-2D5A-45A9-8848-0E7601C721F9}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe
FirewallRules: [{EF357A41-C61A-4998-8AB5-AF4F0AB99F38}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe
FirewallRules: [{BB101C3A-6A68-417F-BD43-77A4061FAC58}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe
FirewallRules: [TCP Query User{59AE4E37-3DEB-4B90-A6AA-15D0A98EF914}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Block) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe
FirewallRules: [UDP Query User{86AF2B0C-7BB8-41C5-88C0-45F3722A6325}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Block) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe
FirewallRules: [TCP Query User{915AAD84-9BFE-48A4-A7CB-8F5D57BF6CAF}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe
FirewallRules: [UDP Query User{B8A78BC1-F331-409D-AFDB-7ED83A01B5B9}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe
FirewallRules: [TCP Query User{A7FDE41D-5DB1-43AE-AAE3-4ADE71C8F8CC}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Block) C:\program files\blackmagic design\davinci resolve\fuscript.exe
FirewallRules: [UDP Query User{498A26E3-29E9-49FC-8C98-DAC22C3B5A82}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Block) C:\program files\blackmagic design\davinci resolve\fuscript.exe
FirewallRules: [{9746F5FA-E547-42AD-B666-25D9A478C507}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{A818A739-89B5-4837-BF19-86DF73FFEAA3}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{2136D6B5-E579-4615-BA0A-C7DB6D1FCD5F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{7CF4E983-26A4-4B6F-B7F1-7C46F5A42751}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{072A2BC8-CA3A-4DF1-B7E1-9EC9A717AC58}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{3486A97B-F777-4B67-A3A1-0BED05BAF038}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{A0B6C65D-35E2-47B0-B5C7-FBFDEF771D71}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{015DA360-507F-4008-8711-CD76996968B1}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{695CB018-26A3-49D7-BD43-668D05E2BE2D}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{DC956BE0-99F0-4BE8-BCAD-1275E3963D5E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{032E585A-B70C-4247-8F89-DCCA7AC2EDBF}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{09C1A586-0C16-4386-AB87-C154659CD8D6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{861915D3-CB79-476B-B270-7AE75D56D519}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{47079CD2-333E-4AB1-A58C-89B18F23F651}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{3AB719AD-9BF2-499E-83F1-762244135DE6}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{C25820A2-F518-42AC-B095-552C0A741642}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{0939B30C-0381-4AF9-98B5-0C22BB5ADD9E}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{1DC0F9A9-7A32-4F3C-806C-8B3984B310D7}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{AEBEE6C5-8D7A-47FA-B5F1-C9F5E4DC3DFE}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{289A16DD-CB69-424D-825E-983664C79F3E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{8FB6E990-E24F-49C5-B930-520118926A40}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{E555718B-0970-430B-A5BC-650A3441F2F3}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{69C763A6-310C-4EC5-A754-FFA8171111CE}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{F4838386-DF36-4CA2-ACCB-5255DA663A18}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{3A2213B8-7323-4367-B23F-F611A38EEAC8}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{3CAAAC3D-A655-4009-85FF-645421158608}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{C4EDE689-3D46-4967-825A-D33F3883D05A}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{C846EECF-6ED1-499F-91CE-87143764C77C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{F82BBBA0-B5E7-45C9-863A-342627D57EBA}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{FDC1C07B-7743-40F9-9C3B-BF0AC80823CC}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{F1C5579C-AA9A-4DEE-9D72-73ADF622E1ED}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{BB2130ED-C795-4534-ADBD-6E0F1D9C1790}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{E20A419F-6810-430E-9E08-A2A40863F6B7}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{5F5CDB34-C037-44F1-9B09-92BDE9DAA7D2}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{CA64CEA0-1086-439D-8530-E82049FABCC6}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{8C01F72E-0084-4C18-BFD7-FA174515FB37}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{D93F45E1-14E4-48ED-AFC5-3015B9E5F4A1}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{C4F14338-CDCD-4B30-A8AD-644E1887617A}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{2FA09EDE-DEAB-4D60-93BD-8FD011133C40}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{C2EE9FF4-538E-43CC-AE20-441A2E81F618}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{28374181-4E3F-41B4-8F10-A5F67FD4BEF6}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe

==================== Restore Points =========================

28-06-2018 17:04:09 Removed DaVinci Resolve Panels
01-07-2018 08:23:43 Removed NBA 2K14
03-07-2018 21:22:23 Removed CDBurnerXP (64 bit)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/03/2018 09:22:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service avgbIDSAgent since QueryServiceConfig API failed

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (07/03/2018 09:22:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service AVG Antivirus since QueryServiceConfig API failed

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (07/03/2018 09:22:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary avgVmm.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (07/03/2018 09:22:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary avgSP.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (07/03/2018 09:22:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary avgSnx.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (07/03/2018 09:22:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary avgRvrt.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (07/03/2018 09:22:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary avgRdr.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (07/03/2018 09:22:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary avgMonFlt.

System Error:
Systém nemůže nalézt uvedený soubor.
.


System errors:
=============
Error: (07/04/2018 02:13:50 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-ECD169V)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-ECD169V\User SID (S-1-5-21-4265154283-1864003611-3609055146-1001) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.

Error: (07/04/2018 01:07:34 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-ECD169V)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-ECD169V\User SID (S-1-5-21-4265154283-1864003611-3609055146-1001) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.

Error: (07/04/2018 01:06:55 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-ECD169V)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-ECD169V\User SID (S-1-5-21-4265154283-1864003611-3609055146-1001) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.

Error: (07/04/2018 01:05:22 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-ECD169V)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-ECD169V\User SID (S-1-5-21-4265154283-1864003611-3609055146-1001) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.

Error: (07/04/2018 01:05:04 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-ECD169V)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-ECD169V\User SID (S-1-5-21-4265154283-1864003611-3609055146-1001) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.

Error: (07/04/2018 01:00:36 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-ECD169V)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-ECD169V\User SID (S-1-5-21-4265154283-1864003611-3609055146-1001) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.

Error: (07/04/2018 12:59:43 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-ECD169V)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-ECD169V\User SID (S-1-5-21-4265154283-1864003611-3609055146-1001) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.

Error: (07/04/2018 12:52:50 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-ECD169V)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-ECD169V\User SID (S-1-5-21-4265154283-1864003611-3609055146-1001) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.


Windows Defender:
===================================
Date: 2018-07-04 14:18:32.893
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0
Name: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Severity: Vážné
Category: Trojský kůň
Path: file:_C:\Users\User\Downloads\Nepotvrdené 769747.crdownload
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Signature Version: AV: 1.271.420.0, AS: 1.271.420.0, NIS: 1.271.420.0
Engine Version: AM: 1.1.15000.2, NIS: 1.1.15000.2

Date: 2018-07-04 14:17:46.386
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0
Name: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Severity: Vážné
Category: Trojský kůň
Path: file:_C:\Users\User\Downloads\Nepotvrdené 57205.crdownload
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Signature Version: AV: 1.271.420.0, AS: 1.271.420.0, NIS: 1.271.420.0
Engine Version: AM: 1.1.15000.2, NIS: 1.1.15000.2

Date: 2018-07-04 14:17:15.277
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0
Name: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Severity: Vážné
Category: Trojský kůň
Path: file:_C:\Users\User\Downloads\Nepotvrdené 853174.crdownload
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Signature Version: AV: 1.271.420.0, AS: 1.271.420.0, NIS: 1.271.420.0
Engine Version: AM: 1.1.15000.2, NIS: 1.1.15000.2

Date: 2018-07-04 14:16:43.728
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0
Name: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Severity: Vážné
Category: Trojský kůň
Path: file:_C:\Users\User\Downloads\Nepotvrdené 994410.crdownload
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Signature Version: AV: 1.271.420.0, AS: 1.271.420.0, NIS: 1.271.420.0
Engine Version: AM: 1.1.15000.2, NIS: 1.1.15000.2

Date: 2018-07-04 14:16:34.351
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0
Name: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Severity: Vážné
Category: Trojský kůň
Path: file:_C:\Users\User\Downloads\Nepotvrdené 842886.crdownload
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Signature Version: AV: 1.271.420.0, AS: 1.271.420.0, NIS: 1.271.420.0
Engine Version: AM: 1.1.15000.2, NIS: 1.1.15000.2

Date: 2018-06-17 21:36:38.528
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.269.1427.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14901.4
Error code: 0x80240016
Error description: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře. 

CodeIntegrity:
===================================

Date: 2018-07-04 00:19:36.228
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 25%
Total physical RAM: 16265.91 MB
Available physical RAM: 12112.67 MB
Total Virtual: 18697.91 MB
Available Virtual: 14402.56 MB

==================== Drives ================================

Drive c: (OS_Install) (Fixed) (Total:558.85 GB) (Free:248.79 GB) NTFS
Drive d: (Data) (Fixed) (Total:354.58 GB) (Free:353.74 GB) NTFS

\\?\Volume{3e469fee-9574-4352-95bc-16f23eea5ae8}\ () (Fixed) (Total:0.94 GB) (Free:0.44 GB) NTFS
\\?\Volume{f4446640-867a-4238-9761-954f4bf3d155}\ (BIOS_RVY) (Fixed) (Total:16.73 GB) (Free:1.56 GB) NTFS
\\?\Volume{fe82f355-d16c-4c8a-90bf-258a50040395}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 750FE1FC)

Partition: GPT.

==================== End of Addition.txt ============================