﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.12.2018 01
Ran by Peter (01-12-2018 16:31:17)
Running from C:\Users\Peter\Downloads
Windows 10 Home Version 1803 17134.407 (X64) (2018-05-30 23:03:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3148830301-1876803868-2163055861-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3148830301-1876803868-2163055861-503 - Limited - Disabled)
Guest (S-1-5-21-3148830301-1876803868-2163055861-501 - Limited - Disabled)
Peter (S-1-5-21-3148830301-1876803868-2163055861-1001 - Administrator - Enabled) => C:\Users\Peter
WDAGUtilityAccount (S-1-5-21-3148830301-1876803868-2163055861-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3148830301-1876803868-2163055861-1001\...\uTorrent) (Version: 3.5.4.44846 - BitTorrent Inc.)
Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.5.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{C29B636B-9015-4ED1-A12F-6375A337F23B}) (Version: 11.4.1.46 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.9.2.8 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{24F2AD94-CC1B-4294-B184-D4D31A3186A7}) (Version: 2.42.0012 - Aviata Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell System Detect (HKU\S-1-5-21-3148830301-1876803868-2163055861-1001\...\73f463568823ebbe) (Version: 6.7.0.2 - Dell)
Dell Update (HKLM-x32\...\{D8AE5F9D-647C-49B4-A666-1C20B44EC0E1}) (Version: 2.1.3.0 - Dell Inc.)
DisplayLink Core Software (HKLM\...\{B8AD0225-B0C0-4395-BD8C-750E0D06211E}) (Version: 7.9.1488.0 - DisplayLink Corp.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 62.4.103 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
FlatOut 2 (HKLM-x32\...\{4E6D2462-AB33-40BB-AA9F-3FA3E0DD0290}) (Version: 1.00.0000 - Empire Interactive)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Web Designer (HKLM\...\{811767F4-C586-4673-A41F-E9D767497222}) (Version: 3.0.2.0 - Google LLC.)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
iCloud (HKLM\...\{82FCC407-A0E5-4B80-9241-5ABA78B61090}) (Version: 7.6.0.15 - Apple Inc.)
iMazing HEIC Converter version 1.0.5 (HKLM\...\{FA58AFA9-B210-409C-88F1-2A90D577C170}_is1) (Version: 1.0.5 - DigiDNA)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1017 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 1.0.0.243 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{f5d71765-7cd1-4e68-998f-5b379e725da3}) (Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1035 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.2.0.1016 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation)
Intel® Wake on Voice (HKLM-x32\...\{A61059F4-F902-4417-8ED2-20A29972EC40}) (Version: 1.0.6 - Intel Corporation)
iTunes (HKLM\...\{56E3752E-E2E6-4F7C-AC04-24BC03A78F09}) (Version: 12.8.0.150 - Apple Inc.)
K-Lite Mega Codec Pack 13.1.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.1.0 - KLCP)
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
MetaTrader 4 (HKLM-x32\...\MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.11001.20108 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3148830301-1876803868-2163055861-1001\...\OneDriveSetup.exe) (Version: 18.212.1021.0008 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}) (Version: 7.1.180.94 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{E5347310-C82F-4833-AA36-8D11E5A8A86A}) (Version: 6.6 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{D745E014-74DD-43A3-98DF-E7D38164B681}) (Version: 6.6 - Apple Inc.)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21268 - Realtek Semiconductor Corp.)
Realtek I2S Audio (HKLM-x32\...\{89A448AA-3301-46AA-AFC3-34F2D7C670E8}) (Version: 6.3.9600.118 - Realtek Semiconductor Corp.)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.41 - Realtek Semiconductor Corp.)
Realtek USB Gigabit Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{D8102684-7BA1-4948-88B9-535F84E6E588}) (Version: 8.17.812.2014 - Realtek)
Samsung Portable SSD T3 (HKLM-x32\...\Samsung Portable SSD T3_is1) (Version: 1.3 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{E1D7CB46-BAE9-4D58-99C4-582332B1755A}) (Version: 1.13.0.0 - Microsoft Corporation) Hidden
USB Tablet Manager (HKLM\...\RmTablet) (Version: 4.16 - )
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.1.400 - Broadcom Corporation)
WinDirStat 1.1.2 (HKU\S-1-5-21-3148830301-1876803868-2163055861-1001\...\WinDirStat) (Version:  - )
Windows Driver Package - Nokia Modem  (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows Driver Package - Nokia Modem  (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows Driver Package - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
XMind 8 Update 1 (v3.7.1) (HKLM-x32\...\XMind_is1) (Version: 3.7.1.201612151837 - XMind Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-06-26] (Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-02-28] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {027F7C6B-409F-4791-8B75-3B7074AC63C9} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-peter1lukac@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-04-28] (Adobe Systems Incorporated)
Task: {135F4360-F020-489F-AE83-D6DFBE5587F2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-20] (Microsoft Corporation)
Task: {1CB5EC4A-81F2-4774-92BF-05EB233FD712} - System32\Tasks\Samsung_PSSD_Registration => C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe [2017-09-04] (Samsung Electronics)
Task: {1D96D68B-C6B3-4625-9000-E9A52B05B586} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-11-20] (Microsoft Corporation)
Task: {1E132D05-2761-468B-A651-81B5938CB0D0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {22A9074A-7866-4B82-B432-0A86DD33FAEB} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {23BD51FE-E9C5-43F3-BCF5-AC66F5F7697D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {421B53AB-1A74-4A10-8662-14A948AB4BE6} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-06] (Dropbox, Inc.)
Task: {4ACC0AA3-A216-4256-80C1-03A04FC53773} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2018-11-24] (Microsoft Corporation)
Task: {55494998-31C2-45A3-91D8-A0EC7F07C3F4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {61F641BC-224E-4CF6-862E-9955A017F0E6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-02] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {67ADB55C-A9DD-4826-AB9C-5234E991180D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {698B2CB3-C801-428E-A468-AEE38DD13F3A} - \SystemToolsDailyTest -> No File <==== ATTENTION
Task: {7D6CBB4F-6138-4CB1-9693-0EB349F3AA18} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-20] (Microsoft Corporation)
Task: {7FEEEB8D-7AAA-4484-8E7D-61DE4650E014} - \PCDoctorBackgroundMonitorTask -> No File <==== ATTENTION
Task: {835E7047-3488-457F-BFAB-5C5CD98A1389} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation)
Task: {8D115CFA-D7A8-491F-9401-4981BFC6027E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {8F79F850-154C-4217-BAFA-7B6E5CBA1D7F} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-04-14] ()
Task: {9A784FA8-D002-42E2-8589-2F3C6FC82978} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A1373127-8219-4FDC-9D26-D1D66F563F78} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-11-20] (Microsoft Corporation)
Task: {AE55BD05-4164-4E30-A8F1-5D292AF7DC12} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-11-20] (Microsoft Corporation)
Task: {B2CD7823-87C8-48CA-BECD-CEA52FBE21CA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-11-20] (Microsoft Corporation)
Task: {B38DDECB-F1FC-4EF8-A1D0-B061BE795ADF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation)
Task: {B8FF4B19-C0DD-4169-92D7-9B984404839A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-14] (Google Inc.)
Task: {BDD82E30-1E13-4A92-877F-6ADBCD6FF8D8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation)
Task: {BE288489-74F0-4FF7-97B7-6E3062866E29} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-14] (Google Inc.)
Task: {C1C8992C-F34F-4D82-87B6-D755770A3AA5} - \PCDEventLauncherTask -> No File <==== ATTENTION
Task: {C21A771D-D930-4EB6-99CB-67087F7C7331} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc)
Task: {CA6ACE48-ECD0-4295-8E19-430B6725EC06} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {CAA00E69-D063-47B4-AE88-0123EEDBFE9A} - System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => C:\WINDOWS\TEMP\DeleteFolderTask.exe <==== ATTENTION
Task: {D0DF97A4-8724-4464-BF7C-6E80359BF7EF} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-06] (Dropbox, Inc.)
Task: {E229CAEC-E84A-4A1B-BAC2-EB8DBE19EC45} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-14] (Adobe Systems Incorporated)
Task: {E7A7B481-D912-47A2-87CA-6D812AA27263} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-02-24] (Intel(R) Corporation)
Task: {F579538B-8449-4D6C-9E3C-067DBCFE1716} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-02] (Microsoft Corporation)
Task: {F83F3D40-D5E0-47D6-AB06-27290E4D3F75} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {FF239AB3-2365-4B8D-92AD-024F4DD57B1F} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_pjkljhegncpnkpknbcohdijeoejaedia\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=pjkljhegncpnkpknbcohdijeoejaedia
ShortcutWithArgument: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_mgndgikekgjfcpckkfioiadnlibdjbkf\Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=mgndgikekgjfcpckkfioiadnlibdjbkf
ShortcutWithArgument: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_ejjicmeblgpmajnghnpcppodonldlgfn\Kalendář Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=ejjicmeblgpmajnghnpcppodonldlgfn
ShortcutWithArgument: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_blpcfgokakmgnkcojhhkbfbldkacnbeo\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=blpcfgokakmgnkcojhhkbfbldkacnbeo
ShortcutWithArgument: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_apdfllckaahabafndbhieahigkjlhalf\Disk Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=apdfllckaahabafndbhieahigkjlhalf
ShortcutWithArgument: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_ahfgeienlihckogmohjhadlkjgocpleb\Obchod Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=ahfgeienlihckogmohjhadlkjgocpleb
ShortcutWithArgument: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_aapocclcgogkmnckokdopfmhonfmgoek\Prezentace.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=aapocclcgogkmnckokdopfmhonfmgoek
ShortcutWithArgument: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Cut the Rope.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=jfbadlndcminbkfojhlimnkgaackjmdo
ShortcutWithArgument: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Keep – poznámky a seznamy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki

==================== Loaded Modules (Whitelisted) ==============

2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2016-06-18 11:22 - 2016-05-25 11:53 - 000191688 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
2018-03-16 14:19 - 2018-03-16 14:19 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-06-23 05:56 - 2018-06-23 05:56 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-21 13:01 - 2015-03-21 13:01 - 000049408 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2018-11-28 01:24 - 2018-10-18 08:44 - 002695360 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-11-28 01:24 - 2018-10-18 08:44 - 002821952 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-09-13 17:59 - 2012-07-11 13:05 - 000579584 _____ () C:\WINDOWS\system32\atwtusb.exe
2017-02-28 00:17 - 2017-02-28 00:17 - 000410616 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-11-22 08:58 - 2018-11-01 07:55 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-12-20 23:01 - 2017-12-20 23:02 - 000948736 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.1.46.0_x64__8wekyb3d8bbwe\e_sqlite3.dll
2018-10-09 06:31 - 2018-10-09 06:31 - 002974888 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.1.46.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-10-09 06:31 - 2018-10-09 06:31 - 000355840 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.1.46.0_x64__8wekyb3d8bbwe\Microsoft.Notes.Upgrade.dll
2018-03-17 11:36 - 2018-03-17 11:37 - 000631296 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.1.46.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-11-17 22:53 - 2018-11-17 22:53 - 000777728 _____ () C:\Program Files\WindowsApps\Microsoft.Services.Store.Engagement_10.0.18101.0_x64__8wekyb3d8bbwe\Microsoft.Services.Store.Engagement.dll
2018-07-10 19:24 - 2018-07-10 19:28 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-10-09 06:31 - 2018-10-09 06:31 - 000165888 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.1.46.0_x64__8wekyb3d8bbwe\Microsoft.Notes.DesktopBridge.exe
2017-09-13 17:59 - 2012-07-11 14:37 - 003589120 _____ () C:\Windows\System32\AtwtusbIcon.exe
2018-10-28 12:16 - 2018-10-28 12:16 - 035118592 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-10-28 12:16 - 2018-10-28 12:16 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-10-28 12:16 - 2018-10-28 12:16 - 005987328 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 19:55 - 2017-09-26 19:56 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-28 12:16 - 2018-10-28 12:16 - 009064448 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-07-06 01:00 - 2018-07-06 01:00 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-07-06 01:00 - 2018-07-06 01:00 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2015-10-23 00:03 - 2015-10-23 00:14 - 002210480 _____ () C:\Program Files\Microsoft Office\root\Office16\tmpod.dll
2018-11-26 21:52 - 2018-11-16 06:43 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libglesv2.dll
2018-11-26 21:52 - 2018-11-16 06:43 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libegl.dll
2018-11-14 23:11 - 2018-11-14 23:13 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-11-14 23:11 - 2018-11-14 23:13 - 066031104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-11-14 23:11 - 2018-11-14 23:13 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2017-10-05 20:17 - 2017-10-05 20:22 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-11-14 23:11 - 2018-11-14 23:13 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-11-14 23:11 - 2018-11-14 23:13 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-17 17:26 - 2018-08-17 17:29 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-08-17 17:26 - 2018-08-17 17:29 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-04-05 22:49 - 2018-04-05 23:05 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-11-14 23:11 - 2018-11-14 23:13 - 014097920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-11-14 23:11 - 2018-11-14 23:13 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-11-14 23:11 - 2018-11-14 23:13 - 002863616 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-31 21:38 - 2018-08-31 21:49 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-25 21:30 - 2018-07-25 21:31 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-29 18:55 - 2018-11-29 18:55 - 000020992 _____ () C:\Program Files\WindowsApps\61545TimGrabinat.wAPPerforGmail_2.5.5.0_x64__rcb0qdgx4z9ca\EasyMailReLaunch.exe
2018-11-29 18:55 - 2018-11-29 18:55 - 026614272 _____ () C:\Program Files\WindowsApps\61545TimGrabinat.wAPPerforGmail_2.5.5.0_x64__rcb0qdgx4z9ca\EasyMailReLaunch.dll
2018-05-07 20:28 - 2018-05-07 20:28 - 000948736 _____ () C:\Program Files\WindowsApps\61545TimGrabinat.wAPPerforGmail_2.5.5.0_x64__rcb0qdgx4z9ca\e_sqlite3.dll
2018-09-23 13:23 - 2018-09-23 13:23 - 005673832 _____ () C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe\Microsoft.Advertising.dll
2018-05-07 20:28 - 2018-05-07 20:28 - 001877928 _____ () C:\Program Files\WindowsApps\61545TimGrabinat.wAPPerforGmail_2.5.5.0_x64__rcb0qdgx4z9ca\winsdkfb.dll
2014-09-23 23:07 - 2014-09-23 23:07 - 000030720 _____ () C:\Program Files (x86)\Intel\Intel(R) Wake on Voice Setup\IntcWovLogDll.dll
2014-09-24 17:07 - 2014-09-24 17:07 - 000181248 _____ () C:\Program Files (x86)\Intel\Intel(R) Wake on Voice Setup\IntcWoVDriverDll.dll
2014-09-23 23:08 - 2014-09-23 23:08 - 000047616 _____ () C:\Program Files (x86)\Intel\Intel(R) Wake on Voice Setup\IntcWoVRegistryDll.dll
2014-09-24 17:07 - 2014-09-24 17:07 - 000062464 _____ () C:\Program Files (x86)\Intel\Intel(R) Wake on Voice Setup\IntcWoVAudioDeviceDll.dll
2018-06-23 05:56 - 2018-06-23 05:56 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2018-06-23 05:56 - 2018-06-23 05:56 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2018-03-16 14:20 - 2018-03-16 14:20 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2018-11-28 07:13 - 2018-11-28 07:13 - 000098816 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\win32api.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000110080 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\pywintypes27.dll
2018-11-28 07:13 - 2018-11-28 07:13 - 000364544 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\pythoncom27.dll
2018-11-28 07:13 - 2018-11-28 07:13 - 000320512 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\win32com.shell.shell.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000914432 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\_hashlib.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 001176576 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\wx._core_.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000806400 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\wx._gdi_.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000816128 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\wx._windows_.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 001067008 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\wx._controls_.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000733184 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\wx._misc_.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000682496 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\pysqlite2._sqlite.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000088064 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\_ctypes.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000686080 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\unicodedata.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000119808 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\win32file.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000108544 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\win32security.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000007168 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\hashobjs_ext.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000017920 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\thumbnails_ext.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000088064 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\usb_ext.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000012800 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\common.time34.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000018432 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\win32event.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000167936 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\win32gui.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000046080 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\_socket.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 001303552 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\_ssl.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000128512 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\_elementtree.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000127488 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\pyexpat.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000038912 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\win32inet.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000036864 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\_psutil_windows.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000525208 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\windows._lib_cacheinvalidation.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000011264 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\win32crypt.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000123392 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\wx._wizard.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000077312 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\wx._html2.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000027648 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\_multiprocessing.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000020480 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\_yappi.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000035840 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\win32process.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000078848 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\wx._animate.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000024064 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\win32pipe.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000010240 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\select.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000025600 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\win32pdh.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000017408 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\win32profile.pyd
2018-11-28 07:13 - 2018-11-28 07:13 - 000022528 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI56922\win32ts.pyd
2012-06-26 12:11 - 2012-06-26 12:11 - 002302040 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 008197208 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGui4.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 000345688 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll
2012-06-26 12:10 - 2012-06-26 12:10 - 000202328 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
2012-06-26 12:10 - 2012-06-26 12:10 - 000027736 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 000282200 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll
2015-03-16 17:28 - 2015-03-16 17:28 - 000155528 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2018-03-27 12:41 - 2018-03-27 12:41 - 000134616 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
2017-06-26 12:24 - 2017-06-26 12:24 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-01-05 17:17 - 2015-12-18 23:52 - 001607920 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2015-08-06 07:51 - 2012-11-26 04:19 - 001153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2015-08-06 07:50 - 2014-02-18 20:12 - 000117568 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3148830301-1876803868-2163055861-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3148830301-1876803868-2163055861-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2017-12-07 20:35 - 000000924 _____ C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.0 apps.corel.com
0.0.0.0 mc.corel.com
0.0.0.0 origin-mc.corel.com
0.0.0.0 iws.corel.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3148830301-1876803868-2163055861-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Peter\Pictures\Wallpapers\space_flight_sky_shadow_82966_3840x2160.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{42F6826C-6C09-432C-93CE-02479748B08E}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{BD769E79-3DE6-40E7-A598-C9D2F90B1C60}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 16\programs\UMI.exe
FirewallRules: [{0EB9CF9A-281A-40D0-8323-EB81DD6F5F92}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 16\programs\UMI.exe
FirewallRules: [{A7E14003-A8B4-44BB-98AF-BF2948178F94}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 16\programs\NGStudio.exe
FirewallRules: [{453F548F-3125-4C1A-9395-3FBA25ECCFBE}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 16\programs\NGStudio.exe
FirewallRules: [{59901DC5-9AB9-4D5D-8716-A764E55629D0}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 16\programs\RM.exe
FirewallRules: [{F74D92A4-7BD1-4866-B9B6-D836128B864D}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 16\programs\RM.exe
FirewallRules: [UDP Query User{1F846AB4-0FC7-4DB4-ADF9-B024525EB532}C:\program files (x86)\xmind\xmind.exe] => (Allow) C:\program files (x86)\xmind\xmind.exe
FirewallRules: [TCP Query User{B67D5CB6-D230-46ED-8337-36ECF0F47F53}C:\program files (x86)\xmind\xmind.exe] => (Allow) C:\program files (x86)\xmind\xmind.exe
FirewallRules: [UDP Query User{0AD08D8D-2670-41DF-88C9-978C3C35BAD3}C:\program files\strogino cs portal\counter-strike global offensive\csgo.exe] => (Block) C:\program files\strogino cs portal\counter-strike global offensive\csgo.exe
FirewallRules: [TCP Query User{959FC68A-1B4F-4D87-84EB-081C9A70A03C}C:\program files\strogino cs portal\counter-strike global offensive\csgo.exe] => (Block) C:\program files\strogino cs portal\counter-strike global offensive\csgo.exe
FirewallRules: [{ED1892C7-6344-4667-981F-C5201A8B95A0}] => (Allow) C:\Users\Peter\AppData\Roaming\PT\updater.exe
FirewallRules: [{232E557F-4667-4038-B31A-DEE28E6AD03B}] => (Allow) C:\Users\Peter\AppData\Roaming\PT\updater.exe
FirewallRules: [{01678F6A-AC31-46C4-8B35-71F15BB1804F}] => (Allow) C:\Program Files (x86)\PornTime\PornTime.exe
FirewallRules: [{62BAF871-9B35-4468-AE73-85B1C9679F55}] => (Allow) C:\Program Files (x86)\PornTime\PornTime.exe
FirewallRules: [{65633ACD-1406-4C59-A5D9-1ED1907BD333}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{9619B256-D136-48C0-A89E-391F07563C5B}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [UDP Query User{809310BA-A5DD-486C-BFEA-28AB1363C311}C:\users\peter\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\peter\appdata\local\popcorn time\nw.exe
FirewallRules: [TCP Query User{DF9A64E1-599F-4A90-B315-35E6291DCADA}C:\users\peter\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\peter\appdata\local\popcorn time\nw.exe
FirewallRules: [UDP Query User{2A2B83EC-DC98-4C70-9682-AF4C32CD491D}C:\program files\strogino cs portal\counter-strike global offensive\csgo.exe] => (Allow) C:\program files\strogino cs portal\counter-strike global offensive\csgo.exe
FirewallRules: [TCP Query User{2C0F743B-BFD0-4D81-AAD6-55037256A189}C:\program files\strogino cs portal\counter-strike global offensive\csgo.exe] => (Allow) C:\program files\strogino cs portal\counter-strike global offensive\csgo.exe
FirewallRules: [{D0039B3E-9DC2-4D85-978B-DD75F8AAF9B8}] => (Block) %ProgramFiles%\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe
FirewallRules: [UDP Query User{FEEBD569-D904-4E1B-BCA5-BFC32502D669}C:\users\peter\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\peter\appdata\local\popcorn time\nw.exe
FirewallRules: [TCP Query User{49D03DCA-3B74-4D01-B4D3-E24FA398CA15}C:\users\peter\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\peter\appdata\local\popcorn time\nw.exe
FirewallRules: [{65695B90-3A0E-436C-9D94-B040E30A33AF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B9DAC401-FEB2-44A1-AF38-DF76F8E39973}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B0E54ED4-A037-486C-8267-046DBC85E2DD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{88D260F7-F2ED-48CB-A124-92D51DCA790C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{46B5030D-46EE-4470-92BD-2EB876889604}] => (Allow) C:\Users\Peter\AppData\Roaming\PT\updater.exe
FirewallRules: [{128767E5-76C4-422A-892F-744F49E82620}] => (Allow) C:\Users\Peter\AppData\Roaming\PT\updater.exe
FirewallRules: [{295CCAB8-92DB-4C26-9F62-87D41CADA6BD}] => (Allow) C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{95C7D542-BB4D-4D6E-9F69-79B0B485DC54}] => (Allow) C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{75FB2AFE-4EB6-4299-9218-9BAD7F86A20A}] => (Allow) C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{500D4324-9305-4A15-A087-8FFA492C34EE}] => (Allow) C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{013988E6-88EA-44EA-B741-2885BD642616}] => (Allow) C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E5568192-5A8F-4E9B-81AE-A1EDD3FB5491}] => (Allow) C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CE4A1A02-2474-46EC-A410-93538A3983C2}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{F7CBAAFB-C49E-4967-A417-F77328BBE5E6}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [TCP Query User{FF7CF0E5-EF00-49CF-B487-D93D22212CEE}C:\program files (x86)\popcorn time\popcorntimedesktop.exe] => (Allow) C:\program files (x86)\popcorn time\popcorntimedesktop.exe
FirewallRules: [UDP Query User{4B98FF91-95D7-41DA-A363-28B46319312E}C:\program files (x86)\popcorn time\popcorntimedesktop.exe] => (Allow) C:\program files (x86)\popcorn time\popcorntimedesktop.exe
FirewallRules: [TCP Query User{75D12754-FD8D-43A7-A8F7-A9647AEA17C7}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [UDP Query User{A25BF07B-E886-4543-A091-782482ED2A61}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [{310AAA33-A547-47CE-8411-BF1044FE09F2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{3AEBEBB9-24A4-471C-A83E-3106A9C93DEE}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [{E047FC5E-45D8-48AC-9D02-318803A420D0}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [{BE97A195-B46C-4CF8-87E6-8A98A3A8E8B8}] => (Allow) C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A9E16E1F-7E4A-4783-8930-656EB4F673BE}] => (Allow) C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2F9A5D84-2B8E-4E8D-B56E-3FA127FFDF61}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9A8E46CC-6F33-4CFF-82D9-C23112F278A1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{B6486281-178E-4214-9508-D7C82568C46B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{47088425-F281-4B98-9CB4-3F03BCAF3E52}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{7D9CAA32-3FE7-4E13-B2C9-5FFA6ED0D90C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{11C897CB-BD34-42A6-BB55-D1EFA81C90E6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{3940AE8F-3008-416B-A267-69E89BA9D9B1}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/01/2018 07:43:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 95061562

Error: (12/01/2018 07:43:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 95061562

Error: (12/01/2018 07:43:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/01/2018 07:43:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 95059968

Error: (12/01/2018 07:43:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 95059968

Error: (12/01/2018 07:43:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/30/2018 05:19:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1734

Error: (11/30/2018 05:19:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1734


System errors:
=============
Error: (12/01/2018 11:49:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/01/2018 07:47:14 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/01/2018 07:44:17 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{0358B920-0AC7-461F-98F4-58E32CD89148}
 and APPID 
{3EB3C877-1F16-487C-9050-104DBCD66683}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/01/2018 07:44:17 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{0358B920-0AC7-461F-98F4-58E32CD89148}
 and APPID 
{3EB3C877-1F16-487C-9050-104DBCD66683}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/01/2018 07:44:15 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/01/2018 07:44:04 AM) (Source: DCOM) (EventID: 10001) (User: MOCNYCTULHU)
Description: Unable to start a DCOM Server: microsoft.windowscommunicationsapps_16005.11001.20106.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca as Unavailable/Unavailable. The error:
"0"
Happened while starting this command:
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20106.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server

Error: (12/01/2018 07:44:04 AM) (Source: DCOM) (EventID: 10001) (User: MOCNYCTULHU)
Description: Unable to start a DCOM Server: microsoft.windowscommunicationsapps_16005.11001.20106.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca as Unavailable/Unavailable. The error:
"298"
Happened while starting this command:
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20106.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server

Error: (12/01/2018 07:44:03 AM) (Source: DCOM) (EventID: 10010) (User: MOCNYCTULHU)
Description: The server microsoft.windowscommunicationsapps_16005.11001.20106.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.


Windows Defender:
===================================
Date: 2018-11-28 01:23:51.183
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {8F11FBDF-E954-4D54-9098-DE47AE413B2A}
Scan Type: Antimalware
Scan Parameters: Full Scan

Date: 2018-10-31 21:50:24.898
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {99DF2AE0-472B-4C2C-B9A2-CDB01586393B}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-10-31 21:34:34.236
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {BA283427-D21D-4247-9218-9F505F29FA2C}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-10-20 03:25:34.706
Description: 
Windows Defender Antivirus has detected a suspicious behavior.
Name: Informational:Behavior/ModifiedKernel
ID: 438273507
Severity: Low
Category: Suspicious Behavior
Path Found: process:_0
Detection Origin: Unknown
Detection Type: Suspicious
Detection Source: Real-Time Protection
Status: Executing
Process Name: Unknown
Signature ID: 717259538435
Signature Version: AV: 1.279.102.0, AS: 1.279.102.0
Engine Version: 1.1.15400.4
Fidelity Label:  Low
Target File Name:  

Date: 2018-10-20 03:08:27.691
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {B36A48B5-1611-4E3F-BFD5-2ECD5D90E48C}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-11-29 10:32:36.926
Description: 
Windows Defender Antivirus engine has been terminated due to an unexpected error.
Failure Type: Crash
Exception code: 0xc0000006
Resource: file:C:\System Recovery\Repair\Backup\DAB6AD79174FE0BCD18D8778ABF1B9A8395FEFDB.exe

Date: 2018-11-03 10:30:18.718
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.279.1079.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15400.4
Error code: 0x80240017
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 

Date: 2018-10-31 06:16:04.935
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.279.771.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15400.4
Error code: 0x80240022
Error description: The program can't check for definition updates. 

Date: 2018-10-31 06:16:04.935
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.279.771.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15400.4
Error code: 0x80240022
Error description: The program can't check for definition updates. 

Date: 2018-10-30 22:22:48.107
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.279.771.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15400.4
Error code: 0x80240022
Error description: The program can't check for definition updates. 

CodeIntegrity:
===================================

Date: 2018-11-29 10:33:22.970
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-29 10:33:22.956
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-29 10:33:07.498
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-29 10:33:07.479
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-29 10:33:07.419
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-29 10:33:07.404
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-29 10:32:52.704
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-29 10:32:52.668
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 73%
Total physical RAM: 8096.7 MB
Available physical RAM: 2169.03 MB
Total Virtual: 10471.97 MB
Available Virtual: 1566.7 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:226.49 GB) (Free:7.71 GB) NTFS
Drive d: (ESP) (Fixed) (Total:0.48 GB) (Free:0.43 GB) FAT32
Drive w: () (Fixed) (Total:0.87 GB) (Free:0.46 GB) NTFS
Drive x: (PBR Image) (Fixed) (Total:8.02 GB) (Free:0.76 GB) NTFS

\\?\Volume{7bf725bc-c4b6-47cc-a3d0-0e2959b2738f}\ (WINRETOOLS) (Fixed) (Total:2 GB) (Free:1.7 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: DE183427)

Partition: GPT.

==================== End of Addition.txt ============================