Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.09.2018
Ran by Antigen (14-09-2018 15:50:06)
Running from C:\Users\Antigen\Desktop
Windows 10 Home Version 1803 17134.285 (X64) (2018-08-31 09:53:36)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1513155856-3543802732-2289230164-500 - Administrator - Disabled)
Antigen (S-1-5-21-1513155856-3543802732-2289230164-1001 - Administrator - Enabled) => C:\Users\Antigen
DefaultAccount (S-1-5-21-1513155856-3543802732-2289230164-503 - Limited - Disabled)
Guest (S-1-5-21-1513155856-3543802732-2289230164-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1513155856-3543802732-2289230164-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\uTorrent) (Version: 3.5.4.44520 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
Aloha TriPeaks (HKLM-x32\...\WTA-00b87aaa-31fc-4c9a-876e-e6eed9ff5a83) (Version: 2.2.0.98 - WildTangent) Hidden
Bejeweled 3 (HKLM-x32\...\WTA-827c3c27-6131-4847-9dd3-056cb3d9d74c) (Version: 2.2.0.98 - WildTangent) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
Empress of the Deep - The Darkest Secret (HKLM-x32\...\WTA-a1ec5813-35b3-4b95-ae0e-2dff0598e135) (Version: 2.2.0.98 - WildTangent) Hidden
FirestormOS-Release (HKLM-x32\...\FirestormOS-Release) (Version: 5.0.1.52150 - The Phoenix Firestorm Project, Inc.)
FirestormOS-Releasex64 (HKLM\...\FirestormOS-Releasex64) (Version: 5.0.1.52150 - The Phoenix Firestorm Project, Inc.)
Firestorm-Release (HKLM-x32\...\Firestorm-Release) (Version: 5.1.7.55786 - The Phoenix Firestorm Project, Inc.)
Free Alarm Clock (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 4.0.1.0 - Comfort Software Group)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.92 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Heart Of Darkness (HKLM-x32\...\Heart Of Darkness) (Version:  - )
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
Chuzzle Deluxe (HKLM-x32\...\WTA-d1e603f1-6d45-4532-ae7d-e52b008c2578) (Version: 2.2.0.95 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Island Tribe (HKLM-x32\...\WTA-d17aafb6-e2fa-49b5-90b7-6174753d6980) (Version: 2.2.0.98 - WildTangent) Hidden
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Jewel Quest Solitaire 2 (HKLM-x32\...\WTA-af23ab99-afdc-4406-8c75-80b100710524) (Version: 2.2.0.98 - WildTangent) Hidden
League of Legends (HKLM-x32\...\{6FEDADF5-40EC-4E18-A376-0FDBACE65338}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
LenovoUsbDriver 1.0.8 (HKLM-x32\...\LenovoUsbDriver) (Version: 1.0.8 - Lenovo)
Magic Academy (HKLM-x32\...\WTA-827e87e0-3f5c-4067-9ab7-3c4748340f2c) (Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 59.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.2 (x64 en-US)) (Version: 59.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 59.0.2.6656 - Mozilla)
Nero 12 Essentials Toshiba (HKLM-x32\...\{2EF76291-8647-46F0-89D8-0AA8B72A5420}) (Version: 12.0.00600 - Nero AG)
PDF Editor 5 (HKLM-x32\...\PDF Editor 5) (Version:  - )
Peggle Nights (HKLM-x32\...\WTA-33702f3f-57ba-446b-9697-ea92bf9ccb53) (Version: 2.2.0.98 - WildTangent) Hidden
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.4.17 - Prolific Technology INC)
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-64a0f1a7-ce34-4966-8d1b-bd2ea4bb38bd) (Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WTA-2f7e765c-8819-454a-9026-e6f7cc4d297f) (Version: 2.2.0.97 - WildTangent) Hidden
Pomocník při upgradu na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
Premium Sound HD (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.5000 - SRS Labs, Inc.)
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0002 - Nero AG) Hidden
Realtek Bluetooth Filter Driver Package (HKLM-x32\...\{0CC0980D-811D-43B8-A455-8D150EB5BC0D}) (Version: 12.24.2012.0802 - REALTEK Semiconductor Corp) Hidden
Realtek Bluetooth Filter Driver Package (HKLM-x32\...\InstallShield_{0CC0980D-811D-43B8-A455-8D150EB5BC0D}) (Version: 12.24.2012.0802 - REALTEK Semiconductor Corp)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6738 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SpyParty version 0.1.5934.0 (HKLM-x32\...\{03AFB032-CCC7-4236-A0F8-619C50BB498E}_is1) (Version: 0.1.5934.0 - definition six, inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.38 - Synaptics Incorporated)
TeamSpeak 3 Client (HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.08.6402 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6626.6406 - Toshiba Corporation)
Toshiba Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 2.00.972 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.1.54043006 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B8C8422F-01F1-4791-B084-047AAFF9BFCC}) (Version: 2.4.4 - TOSHIBA)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0015 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.2.2 - Toshiba Europe GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{A6F2ADC4-12C4-41E8-B90B-3BE018F5787C}) (Version: 2.48.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WTA-a5db008c-9023-423e-a5f1-5c09042bd793) (Version: 2.2.0.98 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Welcome App (Start-up experience) (HKLM-x32\...\{828175FA-7307-4DBF-95AD-9CEE086B6F45}) (Version: 12.0.14000 - Nero AG) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba) (Version: 4.0.9.7 - WildTangent) Hidden
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - Realtek Semiconductor Corp. RtkBtFilter Bluetooth  (07/11/2012 2.3.13.3) (HKLM\...\57F58DC141BEB353704E041792E5B00606694FEA) (Version: 07/11/2012 2.3.13.3 - Realtek Semiconductor Corp.)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-04] (Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1BC1733C-D6FF-494C-B20B-3CBFFA03B80A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-07-31] (Microsoft Corporation)
Task: {22C2C75E-08CE-4B4E-9E79-9EF0346D91E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-29] (Google Inc.)
Task: {2DC8B9DF-9C71-480E-8F1B-6520CA177D11} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_Plugin.exe [2018-09-11] (Adobe Systems Incorporated)
Task: {55BD4433-9B31-4823-A318-7B77EFE755AB} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2012-07-27] (TOSHIBA Corporation)
Task: {58BE8F5B-1D63-4703-AA8C-4FB88A1B3E83} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-07-31] (Microsoft Corporation)
Task: {5A5A1417-8BEF-43D8-A556-2CF7DDEDA958} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-29] (Google Inc.)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6D3141A6-9688-4C66-A371-4D9043428FD7} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2012-09-25] (Toshiba Europe GmbH)
Task: {7D8B1651-FE09-4C9B-BB48-70FFAF5F1965} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {884F35D9-A97E-4FC0-9C50-85C8B66AF248} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8B2FB872-9815-4216-B9EB-230B63DC6F9B} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {A64E94BE-4F8E-4B59-AB40-0EC6303DAD3F} - System32\Tasks\AdobeAAMUpdater-1.0-Radoss-Antigen => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {D19BC40F-B52B-44C6-82A8-188B739DE476} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {F770A879-1DFC-4E90-B8D7-AE4503425F78} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-07-31] (Microsoft Corporation)
Task: {F9A4E315-3C76-4B73-8C64-EACB490C0FF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-07-31] (Microsoft Corporation)
Task: {FBDCB31E-70AC-4453-9B81-90F112A41993} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-09-11] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2011-10-13 23:38 - 2011-10-13 23:38 - 000156672 _____ () C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-09-12 23:41 - 2018-08-31 05:12 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2012-09-04 23:19 - 2012-09-04 23:19 - 002611112 _____ () C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
2012-07-19 03:38 - 2012-07-19 03:38 - 000020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2012-07-19 03:38 - 2012-07-19 03:38 - 000049064 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\FnZ.dll
2018-07-11 09:27 - 2018-07-11 09:27 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-08-31 04:46 - 2018-08-31 04:46 - 005471232 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll
2018-08-31 04:46 - 2018-08-31 04:46 - 000047616 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUITelemetry.dll
2018-08-31 04:46 - 2018-08-31 04:46 - 005082112 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll
2018-08-31 00:25 - 2018-08-31 00:25 - 000479232 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-08-31 00:25 - 2018-08-31 00:25 - 069283840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-04 14:43 - 2017-10-04 14:45 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-08-21 09:36 - 2018-08-21 09:36 - 000049664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-05-04 15:26 - 2018-05-04 15:27 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-08-31 00:25 - 2018-08-31 00:25 - 003699200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-08-21 09:36 - 2018-08-21 09:36 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-08-31 00:25 - 2018-08-31 00:25 - 000035328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-21 09:36 - 2018-08-21 09:36 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-04-03 09:57 - 2018-04-03 10:01 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-08-31 00:25 - 2018-08-31 00:25 - 014333440 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-08-31 00:25 - 2018-08-31 00:25 - 003544576 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-08-31 00:25 - 2018-08-31 00:25 - 002869248 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-31 00:25 - 2018-08-31 00:25 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-27 09:43 - 2018-07-27 09:43 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-17 11:08 - 2018-07-17 11:09 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-07-17 11:08 - 2018-07-17 11:09 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-07-17 11:08 - 2018-07-17 11:09 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-07-17 11:08 - 2018-07-17 11:09 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll
2018-09-11 23:08 - 2018-09-11 23:09 - 035124736 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-09-11 23:08 - 2018-09-11 23:09 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-09-11 23:08 - 2018-09-11 23:09 - 006417408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 16:53 - 2017-09-26 16:54 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-09-11 23:08 - 2018-09-11 23:09 - 009010176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-09-13 00:12 - 2018-09-11 01:50 - 005110616 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.92\libglesv2.dll
2018-09-13 00:12 - 2018-09-11 01:50 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.92\libegl.dll
2013-03-11 05:07 - 2011-10-14 12:17 - 000158536 _____ () C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcc3d64.dll
2013-03-11 05:03 - 2012-06-25 19:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-20 22:39 - 2018-04-02 08:35 - 000001023 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 http://www.techsmith.com
127.0.0.1 activation.cloud.techsmith.com
127.0.0.1 oscount.techsmith.com
127.0.0.1 updater.techsmith.com
127.0.0.1 camtasiatudi.techsmith.com
127.0.0.1 tsccloud.cloudapp.net
127.0.0.1 assets.cloud.techsmith.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 10.0.0.138 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "TecoResident"
HKLM\...\StartupApproved\Run: => "SRS Premium Sound HD"
HKLM\...\StartupApproved\Run: => "TODDMain"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "mcui_exe"
HKLM\...\StartupApproved\Run32: => "TPUReg"
HKLM\...\StartupApproved\Run32: => "TPUReg(x86)"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\StartupApproved\Run: => "FreeAC"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{F471B62A-083E-48C8-A2AA-958DB5C5E31D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe
FirewallRules: [TCP Query User{627D3C88-C73B-4A96-ADB3-4E206F63B302}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe
FirewallRules: [UDP Query User{937A75C3-5CA8-4A57-B875-D7493D5EFC94}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe
FirewallRules: [TCP Query User{1EF86FE6-2BE9-47D8-8D54-10F60FFAFCC5}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe
FirewallRules: [{D04391C9-9F35-447D-BA53-D24F10DF2BE6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\60 Seconds!\60Seconds.exe
FirewallRules: [{29365B53-1CDC-4C1C-AF38-89874080F0A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\60 Seconds!\60Seconds.exe
FirewallRules: [{B1B9B3F4-67EE-4A3A-BE2E-DE563489DF2A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{7B55261E-83A7-4152-9DDA-0414A96FFBC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [UDP Query User{46CEE3DF-0374-4B43-8DD3-038D3B100293}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe
FirewallRules: [TCP Query User{B0C9B6D7-D0BF-4E25-95B5-A345D7CE9485}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe
FirewallRules: [UDP Query User{FD17215A-5630-4F04-B3B2-FE9AC2518EC7}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe
FirewallRules: [TCP Query User{3597C456-0E63-43F9-A8EC-3B8DFB4D52EC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe
FirewallRules: [UDP Query User{ADC69B3F-A321-47B7-8999-ECA8F7F83C84}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe
FirewallRules: [TCP Query User{5E35F61D-2892-42B2-BDDF-84FFF23A21FE}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe
FirewallRules: [UDP Query User{8C998D99-3B13-4B9C-A538-4871A9D965B4}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe
FirewallRules: [TCP Query User{7294DCBA-D9EF-4868-A099-8289B30C0D32}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe
FirewallRules: [UDP Query User{D82EDB5B-780D-4F14-8A44-58DC38694682}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe
FirewallRules: [TCP Query User{445480D1-0106-41E7-9534-241AD1AEA9E3}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe
FirewallRules: [UDP Query User{48BF3F34-EABD-486B-8173-F6A1F33FB4AE}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe
FirewallRules: [TCP Query User{604C2079-81C3-46CC-BD1B-F71998FB64DF}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe
FirewallRules: [UDP Query User{0CAAFB2D-72A5-4723-8A2F-BA06ED27DD5D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.152\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.152\deploy\leagueclient.exe
FirewallRules: [TCP Query User{8E54E98E-DAA0-413B-B043-B0A0B97D8017}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.152\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.152\deploy\leagueclient.exe
FirewallRules: [UDP Query User{3811E0FC-BEE5-4BE3-8628-CA6964CB9959}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe
FirewallRules: [TCP Query User{EAAE9DF8-80BB-409D-A8A6-41B3E0C3342C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe
FirewallRules: [UDP Query User{BDB3475A-1BCD-42A0-82F2-E6D6A5B71FE5}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe
FirewallRules: [TCP Query User{67F7E015-A7B8-40B2-AD0E-56C9C7298975}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe
FirewallRules: [UDP Query User{4737B98E-7856-4CC4-B960-51A8CB99579F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe
FirewallRules: [TCP Query User{BFE0919B-3BDD-4EA3-810A-BEF47ADB25C1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe
FirewallRules: [UDP Query User{BF4CAF28-2177-46B4-9C73-A220C0439C69}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe
FirewallRules: [TCP Query User{44AF650B-15E1-493F-ADC1-27123185727B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe
FirewallRules: [UDP Query User{2708BF4B-90A4-42E1-ACA0-FEF63B7222BB}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe
FirewallRules: [TCP Query User{CB41108D-499D-4808-A1B2-6466E3654755}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe
FirewallRules: [UDP Query User{DFE935C3-1708-4EAE-A891-5946060703E4}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe
FirewallRules: [TCP Query User{E26C7D96-F9B1-47B0-BE27-0393B0EA1206}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe
FirewallRules: [UDP Query User{A3DD686C-BF34-41DA-AF79-E91CBD459F50}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe
FirewallRules: [TCP Query User{4FA2C7A7-FAD3-41B4-B087-88BA155A55AF}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe
FirewallRules: [UDP Query User{DA4A4766-434B-4073-99E4-134B27EFE2E7}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe
FirewallRules: [TCP Query User{48D0A371-D5A4-41EC-BC37-0F00331838B5}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe
FirewallRules: [UDP Query User{3E426C1E-A6E3-4EA3-B20F-DE864C210106}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe
FirewallRules: [TCP Query User{9FBC3FFE-ACEB-491A-9150-A402676A2CC5}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe
FirewallRules: [UDP Query User{8E105F83-B604-4A44-A7E1-81238DD29FBF}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe
FirewallRules: [TCP Query User{42039702-D10B-4980-95B7-A99763EACDDF}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe
FirewallRules: [UDP Query User{FFA87154-3EAD-47EF-84E5-DFE0B99E276C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.132\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.132\deploy\leagueclient.exe
FirewallRules: [TCP Query User{4B6C5D85-916F-4F4B-A937-0C0C5D919179}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.132\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.132\deploy\leagueclient.exe
FirewallRules: [UDP Query User{56EC3046-71CC-44B9-A892-EA6A7DEB54C2}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe
FirewallRules: [TCP Query User{F42971D6-5D9E-4D79-B73B-A438DA33659B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe
FirewallRules: [UDP Query User{CD43FC3D-B0EA-48E3-B1A0-42578DF2AD01}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{611F2185-4E79-43DB-9B08-41E473999DB6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{D1717632-721B-4E62-A046-EAB11E6725BC}C:\program files (x86)\firestormos-release\slvoice.exe] => (Block) C:\program files (x86)\firestormos-release\slvoice.exe
FirewallRules: [UDP Query User{60E4BDF6-092D-4381-A5DF-0FD4970F4CF7}C:\program files (x86)\firestormos-release\slvoice.exe] => (Block) C:\program files (x86)\firestormos-release\slvoice.exe
FirewallRules: [TCP Query User{EA08297F-669F-4629-B4CD-A800A30A663F}C:\users\antigen\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\antigen\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{C71CD07C-DD73-4E3D-A905-90B974675DF4}C:\users\antigen\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\antigen\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{D1F40D8B-61F2-4898-A286-0CA8E71682C8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{956BA8DC-4803-489F-B7C9-4B24AF073415}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C89D78A5-1EA6-4C90-97AB-160E4237162F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1C659D7A-75E6-4AE3-8696-F3CA09029A0D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0002CF6B-236C-4577-802B-3F6B98CDCB27}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{396A0470-4976-4D84-93FE-F136B038EFF1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1294931D-89F5-4E8C-B18C-A26F05E9E66C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oddworld Abes Oddysee\AbeWin.exe
FirewallRules: [{807245C5-F41A-4477-81CE-06ABD9307DCD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oddworld Abes Oddysee\AbeWin.exe
FirewallRules: [{162A11DD-3B47-404F-A35C-7BEEC88F65D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Turmoil\Turmoil_PC_Full.exe
FirewallRules: [{913B3879-187C-4586-85F5-6E070316AE04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Turmoil\Turmoil_PC_Full.exe
FirewallRules: [TCP Query User{F471E08B-D9B2-4FC8-98ED-6AF5988082E0}C:\program files (x86)\firestorm-release\slvoice.exe] => (Allow) C:\program files (x86)\firestorm-release\slvoice.exe
FirewallRules: [UDP Query User{99D7FB24-07D3-49BE-B03E-4EFF6A2F6CB2}C:\program files (x86)\firestorm-release\slvoice.exe] => (Allow) C:\program files (x86)\firestorm-release\slvoice.exe
FirewallRules: [TCP Query User{D2849D72-0E53-406C-89FB-94418BA1E6F3}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe
FirewallRules: [UDP Query User{D4C6D568-EC96-47D4-9BBA-FDE5186795BF}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe
FirewallRules: [{2D463927-8506-4A1B-A53F-4153ED940710}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

02-09-2018 19:51:23 Instalační služba modulů systému Windows
03-09-2018 21:51:12 Instalační služba modulů systému Windows
04-09-2018 23:51:42 Instalační služba modulů systému Windows
06-09-2018 04:12:16 Instalační služba modulů systému Windows
07-09-2018 06:12:27 Instalační služba modulů systému Windows
08-09-2018 07:52:32 Instalační služba modulů systému Windows
09-09-2018 13:52:31 Instalační služba modulů systému Windows
10-09-2018 23:51:23 Instalační služba modulů systému Windows
12-09-2018 01:51:04 Instalační služba modulů systému Windows
13-09-2018 03:51:22 Instalační služba modulů systému Windows
14-09-2018 15:11:35 Removed VEGAS Pro 14.0 (64-bit)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/14/2018 03:16:41 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: Radoss)
Description: httphttp-2147467263

Error: (09/14/2018 03:11:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
   Spouštění asynchronní operace

Kontext:
   Aktuální stav: DoSnapshotSet

Error: (09/14/2018 03:01:55 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad  na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_fb4297e330656775.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_42efceba44e1907b.manifest.

Error: (09/14/2018 02:53:26 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad  na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_fb4297e330656775.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_42efceba44e1907b.manifest.

Error: (09/14/2018 04:19:08 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad  na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_fb4297e330656775.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_42efceba44e1907b.manifest.

Error: (09/10/2018 11:55:48 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad  na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.228_none_fb4599993062b194.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.228_none_42f2d07044deda9a.manifest.

Error: (09/10/2018 10:54:41 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad  na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.228_none_fb4599993062b194.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.228_none_42f2d07044deda9a.manifest.

Error: (09/10/2018 10:54:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program ShellExperienceHost.exe verze 10.0.17134.1 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 3610

Čas spuštění: 01d449485900ed48

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

ID hlášení: 10814ce7-9480-4041-a553-86b5509be6dc

Úplný název balíčku s chybou: Microsoft.Windows.ShellExperienceHost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy

ID aplikace související s balíčkem s chybou: App


System errors:
=============
Error: (09/14/2018 03:37:33 PM) (Source: DCOM) (EventID: 10016) (User: Radoss)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 a APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 uživateli Radoss\Antigen (SID: S-1-5-21-1513155856-3543802732-2289230164-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/14/2018 03:35:13 PM) (Source: DCOM) (EventID: 10016) (User: Radoss)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli Radoss\Antigen (SID: S-1-5-21-1513155856-3543802732-2289230164-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/14/2018 03:32:12 PM) (Source: DCOM) (EventID: 10016) (User: Radoss)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli Radoss\Antigen (SID: S-1-5-21-1513155856-3543802732-2289230164-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/14/2018 03:09:28 PM) (Source: DCOM) (EventID: 10001) (User: Radoss)
Description: Nelze spustit server DCOM: {E9513610-F218-4DDA-B954-2C7E6BA7CABB} jako Není k dispozici/Není k dispozici. Došlo k chybě: 
5
při provádění příkazu: 
C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriver.exe -Embedding

Error: (09/14/2018 03:09:05 PM) (Source: DCOM) (EventID: 10001) (User: Radoss)
Description: Nelze spustit server DCOM: {E9513610-F218-4DDA-B954-2C7E6BA7CABB} jako Není k dispozici/Není k dispozici. Došlo k chybě: 
5
při provádění příkazu: 
C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriver.exe -Embedding

Error: (09/14/2018 03:02:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID 
Windows.SecurityCenter.WscDataProtection
 a APPID 
Není k dispozici
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/14/2018 03:02:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID 
Windows.SecurityCenter.WscBrokerManager
 a APPID 
Není k dispozici
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/14/2018 03:00:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby: 
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


Windows Defender:
===================================
Date: 2018-09-06 16:55:03.042
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CD07E423-11A5-4B3A-8C93-0834A28BFBE2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-09-06 16:27:34.427
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8F1012F5-7A3E-49B1-947E-9032EC73CB91}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-09-06 14:24:16.914
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D85F7982-DFD8-41E3-B2A8-D5F477926E11}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-09-06 03:32:06.575
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {78DD7F0D-D38F-4AEE-B466-6C6067C77E79}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-09-05 21:03:51.471
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B6930D95-1E0C-4AE1-8EB3-26000DE239C8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

==================== Memory info =========================== 

Processor: Intel(R) Celeron(R) CPU 1000M @ 1.80GHz
Percentage of memory in use: 58%
Total physical RAM: 3979.22 MB
Available physical RAM: 1633.11 MB
Total Virtual: 8075.22 MB
Available Virtual: 5484.74 MB

==================== Drives ================================

Drive c: (TI31014200A) (Fixed) (Total:453.95 GB) (Free:80.25 GB) NTFS

\\?\Volume{fe282917-3597-11e2-b025-b6ec0d91dbcc}\ (System) (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
\\?\Volume{d71793ff-97fc-49c8-97a8-7ace290de8e1}\ () (Fixed) (Total:0.86 GB) (Free:0.34 GB) NTFS
\\?\Volume{dfe5ddb3-d64b-4507-831d-327353c5aea5}\ (Recovery) (Fixed) (Total:10.13 GB) (Free:0.59 GB) NTFS
\\?\Volume{fe28291f-3597-11e2-b025-b6ec0d91dbcc}\ () (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================